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Windows  Datacenter 
Grows  Up,  Gains  Ground 


Microsoft  partner  Unisys  upgrades  ES7000 
line;  some  users  eye  move  to  other  hardware 


BY  CAROL  SLIWA 

A  year  ago,  users  of  Micro¬ 
soft  Corp.’s  high-end  Win¬ 
dows  Server  Datacenter 
Edition  might  well  have 
felt  that  they  had 
ventured  down  a 
lonely  path. 

But  announce¬ 
ments  made  last 
week  by  Unisys 
Corp.,  a  prominent 
hardware  partner  in  the 
Datacenter  program,  indi¬ 
cate  that  Microsoft  is  gradu¬ 
ally  making  progress  in  its 
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Unisys  touts 
uptime  of  Windows 
Datacenter  on 
the  ES7000. 


GE3SHE3 


quest  to  attract  enterprise 


customers  to  its  high-end 
systems  —  even  to  the  point 
that  some  of  the  earliest 
adopters  are  testing  64-bit 
Itanium  hardware  to 

squeeze  out  better 
performance. 

Unisys  last  week 
unveiled  an  upgrade 
to  its  ES7000  line  and 
spotlighted  its  own 
research  that  showed 
the  high  availability  that  its 
servers  have  demonstrated 
running  the  Datacenter  Edi¬ 
tion  of  Windows.  For  two 


years,  the  company  elec¬ 


tronically  collected  data 
from  68  nonclustered 
servers  at  customer  sites  in 
North  America,  said  Mark 
Feverston,  vice  president  of 
enterprise  server  marketing. 

The  Blue  Bell,  Pa. -based 
hardware  maker  also  claims 
that  there  are  about  1,900 
ES7000/Datacenter  servers 
at  customer  sites.  Sales  of 
ES7000s  were  up  85%  in  the 
first  quarter  of  2004  com¬ 
pared  with  the  same  period 
in  2003,  with  about  half  run¬ 
ning  the  Windows  Data¬ 
center  Edition  and  half  run¬ 
ning  the  Enterprise  Edition, 
according  to  Feverston. 

“You  can  sleep  at  night 

Datacenter,  page  46 


IT  Auditors  Coveted,  Hard  to  Find 


Companies  compete 
for  needed  skills  as 
Sarb-Ox  deadlines  near 


BY  THOMAS  HOFFMAN 


Looming  deadlines  for  Sar- 
banes-Oxley  Act  compliance 
have  led  accounting  firms  and 
other  companies  that  are 
scrambling  to  comply  with  the 
financial-reporting  law  to 
ramp  up  their  recruiting  of 
workers  who  have  essential  IT 
auditing  experience. 

For  instance,  Jose  L.  Carrera 
Jr.,  an  enterprise  risk  manage¬ 
ment  practice  leader  at  ac¬ 
counting  firm  Singer  Lewak 
Greenbaum  &  Goldstein  LLP 
in  Los  Angeles,  last  week  said 
he  recently  received  job  offers 
from  two  Fortune  250  compa¬ 
nies  seeking  to  hire  IT  audit 
directors. 

Carrera  said  one  company 
told  him  he  would  get  a 
$40,000  bonus  if  he  worked 
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It’s  not  just  a  home  PC  problem  anymore 
-  it’s  a  corporate  liability.  Learn  howto 
stop  spyware  in  its  tracks.  PAGE  23 
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there  for  at  least  a  year.  The 
other  company,  an  electric 
utility,  is  offering  an  “impres¬ 
sive”  salary  bump,  a  generous 
relocation  fund  for  his  family 
and  a  handsome  stock-option 
package,  Carrera  added.  “If  I 
move,  I  can  add  a  nice  little 
chunk  to  my  401(k)  retirement 
program,”  he  said,  noting  that 
he  hasn’t  decided  yet  whether 
he  will  take  either  job. 

IT  Auditors,  page  16 


IBM,  EMC  Clash 
Over  Storage 
Virtualization 


IBM  adds  support  for 
EMC’s  arrays;  EMC 
product  due  next  year 


BY  LUCAS  MEARIAN 


IBM  and  EMC  Corp.  last  week 
vied  for  an  edge  in  the  emerg¬ 
ing  market  for  storage  virtual¬ 
ization  technology,  with  IBM 
contending  that  EMC  is  late  to 
the  party  and  EMC  claiming 
that  software  sold  by  IBM 
lacks  functionality  EMC  will 
bring  to  the  table. 

In  addition  to  taking  verbal 
IBM/EMC,  page  16 


Rival  Developments 


■  Announced  the  third 
release  of  its  virtualiza¬ 


tion  software,  with  expanded  ca¬ 
pabilities  for  managing  data  on  com¬ 
peting  disk  arrays  -  including  EMC’s. 


■  Available:  Now. 


rrrra  ■  Said  it’s  working  on 
liila  a  “storage  router”  de¬ 
vice  that  will  include  built-in  virtual¬ 
ization  software  and  provide  high 
levels  of  scalability. 


m 


■  Availability:  Limited  beta-testing 
this  quarter;  shipments  due  in  the 
first  half  of  next  year. 


Make  a  name  for  yourself 
with  Windows  Server  System. 
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Windows 
Server  System 


Microsoft 

Your  potential.  Our  passion. ' 
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Microsoft  Windows  Server  System  makes  Siemens' 
infrastructure  easier  to  manage.  Here's  how:  using 
Windows  Server  2003  with  Active  Directory  and 
Exchange  Server  2003,  Siemens  built  a  single 
directory  with  over  400,000  identities  worldwide 
across  130  business  units.  This  allows  them  to 
manage  identities  at  both  a  global  and  local  level. 
It's  software  that  helps  you  do  more  with  less.  Get 
the  full  Siemens  story  and  a  hands-on  management 
tool  at  microsoft.com/wssystem 


SIEMENS 


Mr.  417,000  People, 
130  Business  Units 
in  190  Countries, 

All  Managed  in 
One  Active  Directory 


Windows  Server  System”  includes  these  products: 


Operations  Infrastructure  Systems  Management  Server 

Application  Center 
Operations  Manager 
Internet  Security  &  Acceleration  Server 
Windows*  Storage  Server 


Application  Infrastructure  SQL  Server” 

BcTalk*  Server 
Commerce  Server 
Content  Management  Server 
Host  Integration  Server 


With  130  different  business  units,  we're 
like  the  ultimate  manageability  case  study." 

John  Minnick 

Manager,  Technology  Development,  Siemens 


Information  Work  Infrastructure 


Exchange  Server 


Office  SharePoint”  Portal  Server 


Office  Live  Communications  Server 


Make  a  name  for  yourself 
with  Windows  Server  System. 


Windows 
Server  System 
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The  right  management  should  do  more  than  just  protect. 

It  should  also  enable. 

eTrust™  Security  Management  Software 

With  eTrust  security  management  software,  your  information  isn't  just  safeguarded  from  internal  and  externa!  threats. 
We  provide  authorized  customers,  partners,  and  employees  with  appropriate  access  that  can  help  your  business  grow. 
In  addition  to  securing  data,  eTrust  also  provides  a  single  view  of  your  security  environment,  so  you  can  make  real-time 
decisions  based  on  comprehensive  information.  If  you're  looking  for  ways  to  minimize  risk  while  maximizing  your 
potential,  or  to  get  a  white  paper,  go  to  ca.com/security. 
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Betting  on  IT  Value 

In  the  Management  section:  Harrah’s  Heath 
Daughtrey  (left)  uses  a  sophisticated  proc¬ 
ess  for  tracking  the  true  value  of  IT  projects. 
One  researcher  says  it’s  the  best  IT  portfolio 
management  system  in  the  nation.  Page  33 
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Navigating  the  WLAN  Waters 

In  the  Technology  section:  Continual 
changes  in  WLAN  technology  can  make 
building  and  maintaining  wireless  LANs 
a  confusing  affair.  Here’s  how  adminis¬ 
trators  are  coping.  Page  26 


HEWS 


TECHNOLOGY 


OPINIONS 


ONLINE 

WWW.COMPUTERWORLD.COM 


4  IBM  extends  partitioning 
technology  to  its  iSeries 
servers,  while  Dell  tries  to 
entice  Unix  users  to  move  to 
Wintel  systems. 

5  Automotive  suppliers  could 
get  help  meeting  some  of  the 
Big  Three’s  requirements 
from  a  start-up’s  product  life- 
cycle  management  software. 

8  Health  care  IT  could  get  a 
boost  from  President  Bush’s 
call  for  electronic  medical 
records  and  from  moves  by 
two  groups  to  encourage  the 
use  of  bar  codes  and  prescrip¬ 
tion  order  entry  systems. 

10  Nortel  ousts  its  CEO  and  two 

other  executives  and  delays 
the  release  of  its  first-quarter 
results. 

12  Q&A:  CA’s  new  sales  chief 

talks  about  his  customer 
relationship  responsibilities 
during  tough  times  at  CA. 

12  Offshoring  foes  protest  at 

IBM’s  annual  shareholder 
meeting. 

16  Extreme  Networks  upgrades 

its  switch  software  by  boost¬ 
ing  scalability  and  adding  sup¬ 
port  for  open  APIs  and  XML- 
based  data. 

17  Q&A:  Hyperion’s  CEO  dis¬ 
cusses  the  difference  between 
business  process  management 
and  business  intelligence  apps. 

19  Lawson  Software  vows  to 

make  its  applications  more 
user-friendly  as  it  takes  aim  at 
the  big  ERP  vendors. 


23  Spyware  Sneaks  Into  the 
Office.  Once  dismissed  as  a 
desktop  support  nuisance, 
spyware  is  emerging  as  a  cor¬ 
porate  liability,  and  its  prolif¬ 
eration  presents  a  challenge 
for  IT  managers. 

28  QuickStudy:  XSL.  Extensible 
Stylesheet  Language  is  a  fami¬ 
ly  of  languages  and  specifica¬ 
tions  designed  for  presenting 
XML  documents  and  data  in 
formats  appropriate  for  the  fi¬ 
nal  output  medium  or  device. 

30  Security  Manager’s  Journal: 
Back  Door  Puts  Vendor  on 
Hot  Seat.  News  reports  of  a 
hidden  back  door  in  a  wireless 
LAN  product  lead  Vince 
Tuesday  and  his  staff  to  ask 
tough  questions  when  the 
vendor  pays  a  visit. 

MANAGEMENT 

35  Q&A:  Culture  Wars.  Syracuse 
University’s  Jeffrey  Stanton 
says  IT’s  unique  subculture 
may  contribute  to  project  fail¬ 
ure  by  damaging  relationships 
between  IT  and  users. 

36  Think  Tank.  IT  could  play  a 
role  in  finding  the  right  deci¬ 
sion-makers  during  a  crisis. 
And  “category  killer”  retailers 
will  be  spending  big  on  point- 
of-sale  systems,  data  ware¬ 
houses  and  RFID. 

37  Career  Watch.  Cardinal 
Health’s  IT  director  offers 
career  advice  to  pure  technol¬ 
ogists.  Plus,  a  look  at  starting 
IT  salaries  for  college  grads, 
and  IT  training  tips. 


6  On  the  Mark:  Mark  Hall  finds 
plenty  of  U.S.  IT  workers  will¬ 
ing  to  take  salaries  that  are 
competitive  with  those  of 
offshore  workers.  And  he 
takes  a  look  at  new  business 
intelligence,  load-balancing 
and  security  technologies. 

20  Maryfran  Johnson  says  spy- 
ware  has  become  a  corporate 
security  threat,  jeopardizing 
compliance  efforts  and  clog¬ 
ging  networks. 

20  Pimm  Fox  ponders  how  the 
investment  community  can 
embrace  Google’s  IPO  just 
a  few  short  years  after  the 
Internet  stock  implosion. 

21  David  Moschella  asks:  Is  the 
CIO  at  the  heart  of  corporate 
innovation  in  your  company, 
or  is  IT  seen  as  a  barrier  to 
trying  new  things? 

32  Paul  A.  Strassmann  argues 
that  the  brief  average  tenures 
of  CIOs  limit  accountability 
and  long-term  strategizing. 

38  Paul  Glen  sees  one  thing  more 
threatening  to  IT  staffs  than 
offshoring:  fear  of  offshoring. 

47  Frankly  Speaking:  Frank 

Hayes  says  no  matter  who’s  to 
blame  for  Microsoft’s  security 
lapses,  it’s  users  who  will  pay. 


DEPARTMENTS/RESOURCES 


At  Deadline  Briefs . 4 

News  Briefs . 6,10 

Letters . 21 

IT  Careers  . . 40 

Company  Index . 45 

How  to  Contact  CW . 45 

Shark  Tank . 47 


Spyware  Suggestions 

SECURITY:  After  reading  the  spyware  feature 
in  the  Technology  section  on  page  23,  head 
online  to  see  more  tips  from  Symantec’s 
Kelly  Martin  on  how  to  keep  this  insidious 
software  off  of  your  corporate  network. 

O  QuickLink  46350 

What  SCO’s  Linux  Suits 
Mean  for  Users 

SOFTWARE:  Choate,  Hall  &  Stewart  partner 
Donald  Muirhead  outlines  challenges  and 
risks  users  face  in  the  wake  of  The  SCO 
Group’s  Linux  claims.  ©  QuickLink  46477 


The  Perils  of  Multitasking 

DEVELOPMENT:  Assigning  multiple  projects 
to  the  same  team  may  look  like  an  efficient 
way  to  do  things,  but  hidden  costs  ultimately 
hurt  you,  says  columnist  Johanna  Rothman. 

©QuickLink  46547 

NAS  Appliances  vs.  Gateways 

STORAGE:  Chuck  Hollis,  vice  president  of 
platform  marketing  at  EMC,  suggests  six 
questions  that  could  help  you  to  decide 
which  of  these  technologies  is  best  for  your 
organization.  ©  QuickLink  46457 

Is  It  Possible  to  Ditch 
Microsoft  Office? 

SOFTWARE:  OpenOffice  is  good  enough  for 
most  enterprise  needs,  argues  open-source 
advocate  Eugene  Ciurana.  ©  QuickLink  46107 


What’s  a  QuickLink? 


O  Throughout  each  issue  of 
Computerworld,  you’ll 
see  five-digit  QuickLink  codes 
pointing  to  related  content  on 
our  Web  site.  Also,  at  the  end  of 
each  story,  a  QuickLink  to  that 
story  online  facilitates  sharing  it 
with  colleagues.  Just  enter  any 
of  those  codes  into  the  Quick¬ 
Link  box,  which  is  at  the  top  of 
every  page  on  our  site. 
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Microsoft  Patch 
Hampers  Win  2k 

Microsoft  Corp.  said  a  software 
patch  released  April  13  is  prevent¬ 
ing  some  users  who  have  installed 
it  on  Windows  2000  systems 
from  logging  in  or  is  causing  the 
machines  to  stop  responding  after 
they  boot  up.  The  patch  is  de¬ 
signed  to  fix  security  holes  in 
Windows,  including  flaws  in 
its  Secure  Sockets  Layer  imple¬ 
mentation.  Microsoft  said  it’s 
researching  the  problem. 


IBM  Releases  Beta 
Of  DB2  Upgrade 

IBM  this  week  plans  to  release  a 
beta-test  version  of  a  DB2  data¬ 
base  upgrade,  code-named 
Stinger.  The  upgrade  will  include 
new  features  such  as  self-tuning 
and  self-management  capabili¬ 
ties,  query  optimization  and  sup¬ 
port  for  3-D  geospatial  data,  ac¬ 
cording  to  IBM  officials.  IBM  has 
said  it’s  aiming  to  ship  Stinger 
sometime  this  year. 


Wal-Mart,  Suppliers 
Start  Testing  RFID 

Wal-Mart  Stores  Inc.  began  testing 
the  use  of  radio  frequency  identifi¬ 
cation  devices  at  seven  stores 
and  a  distribution  center  in  Texas. 
Eight  suppliers  are  taking  part  in 
the  trial,  and  Wal-Mart  said  all  but 
two  of  its  top  100  suppliers  are  on 
track  to  meet  a  January  deadline 
for  starting  to  use  RFID  tags. 


Short  Takes 

PE0PLES0FT  INC.  this  week  will 
announce  a  bundle  of  its  World 
green-screen  business  applica¬ 
tions  tailored  for  midsize  manu¬ 
facturers,  home-builders  and 

distributors _ SIEMENS  AG’s 

networking  division  in  Boca  Ra¬ 
ton,  Fla.,  today  plans  to  introduce 
a  high-end  communications  sys¬ 
tem  for  converged  voice  and  data 
networks.  The  HiPath  8000  Real- 
Time  IP  System  can  support  up  to 
100,000  users  per  node  and  is 
priced  at  $300  per  user. 


IBM  Enhances  iSeries  With 
Partitioning,  Power5  Chips 


Meanwhile,  Dell  advances  Wintel  cause 
by  forging  enterprise  pact  with  SAP 


BY  PATRICK  THIBODEAU 

bm  today  will  raise 
the  stakes  in  the  battle 
between  its  proprietary 
systems  and  Intel-based 
servers  when  it  announces 
new  iSeries  servers  equipped 
with  the  Power5  processor 
and  mainframe-class  virtual¬ 
ization  technology. 

IBM’s  eServer  i5  server,  the 


newest  member  of  the  iSeries 
line  (formerly  the  AS/400), 
runs  the  i5  operating  system,  a 
new  release  of  OS/400  that’s 
compatible  with  systems  deliv¬ 
ered  since  1999.  The  upgraded 
operating  system  provides  inte¬ 
gration  of  WebSphere  Express 
and  improved  continuous  oper¬ 
ation  capabilities.  The  i5  also 
supports  IBM’s  AIX  version 


of  Unix  in  addition  to  Linux. 

The  i5  features  IBM’s  Virtu¬ 
alization  Engine,  a  set  of  parti¬ 
tioning  technologies  devel¬ 
oped  on  IBM’s  mainframes. 
The  engine  allows  users  to 
partition  one  processor  10 
ways  and  to  use  processor  bal¬ 
ancing,  which  enables  one 
partition  to  take  advantage  of 
available  processing  power  in 
another  partition. 

The  IBM  launch  follows 
Dell  Inc.’s  announcement  last 
week  that  it’s  expanding  its 
relationship  with  SAP  AG  to 
help  users  migrate  from  Unix 
to  Intel-based  systems  run¬ 
ning  Windows  and  Linux  (see 
box,  left).  The  initiatives  an¬ 
nounced  by  IBM  and  Dell  of¬ 
fer  users  competing  approach¬ 
es  to  delivering  applications 
such  as  ERP  systems. 

Roxanne  Reynolds-Lair, 

CIO  at  the  Fashion  Institute  of 
Design  &  Merchandising  in 
Los  Angeles,  said  she  intends 
to  upgrade  from  her  AS/400  to 
the  i5  system  because  the  IBM 
approach  best  meets  the  re¬ 
quirements  of  her  mission- 
critical  processes. 

“We  have  Intel  servers  and 
it  takes  more  people-time, 
more  effort  to  administer 
them,  maintain  them,”  said 
Reynolds-Lair,  who  supports 
about  1,000  users.  The  iSeries 
“has  so  much  more  built  in 
that  you  don’t  have  to  worry 
about.  It’s  also  much  more  se¬ 
cure  than  the  Intel  servers,” 
she  said. 

But  Rick  Fabrizio,  CIO  at  PQ_ 
Corp.,  a  producer  of  chemicals 
and  other  manufacturing  prod¬ 
ucts  in  Berwyn,  Pa.,  said  that 
he  migrated  from  Hewlett- 
Packard  Co.’s  HP  9000  systems 
running  HP-UX  to  Wintel 
servers  from  Dell  several  years 
ago  and  that  he  remains 
pleased  with  that  decision. 

Running  a  Unix  system  re¬ 
quired  specialized  engineers, 
he  noted.  “When  there  was  a 
problem,  it  was  very  time- 
consuming  to  resolve  it  —  and 


Utility  Hopes 
Customer 
Alert  System 
Will  Save 
Time,  Energy 

XCEL  ENERGY  INC.  this 
week  plans  to  go  live  with  a 
system  designed  to  automate 
the  process  of  asking  corpo¬ 
rate  customers  to  cut  back  on 
their  electricity  consumption, 
making  the  Minneapolis- 
based  company  the  latest 
utility  to  adopt  outbound 
communications  technology. 

The  system,  based  on  En- 
voyWorldWide  Inc.’s  Envoy- 
Profiles  software,  will  be  used 
to  send  automated  alerts  to 
about  2,700  companies  in 
Minnesota,  Wisconsin  and 
North  and  South  Dakota  that 
participate  in  Xcel’s  energy- 


CEO  Sees  SAP  Software 
On  More  Intel  Clusters 


NEW  YORK 


Henning  Kagermann,  CEO  of 

SAP,  spoke  with  Computer- 
world  last  week  about  the  im¬ 
pact  of  Intel-based  server  clus¬ 
ters  on  his  enterprise  applica¬ 
tions  business.  Excerpts  from 
that  interview  follow: 

Are  you  recommending  to 
your  customers  that  they 
move  to  Deli  two- 
and  four-way  clus¬ 
ters?  No,  we  can’t.  We 
have  [SAP]  bench¬ 
marks,  and  these 
benchmarks  are  stan¬ 
dard  benchmarks  for  all 
of  the  key  hardware 
suppliers.  If  Dell  can 
achieve  very,  very  good 
figures,  as  we  have 
seen  in  the  standard  environ¬ 
ment,  then  it’s  something  that  is 
known  to  all  customers  in  the 
world,  and  it’s  up  to  them  to 
make  their  choice.  But  SAP 
never  makes  recommendations. 
A  customer  makes  a  choice. 
That’s  very  important,  because 
the  client  wants  us  to  be,  to 
some  extent,  neutral. 

Based  on  what  you’re  seeing 
in  the  benchmarks,  do  you 
expect  to  see  a  lot  of  your 


symmetric  multiprocessing 
users  moving  to  two-  and 
four-way  Intel  clusters? 

There  is  a  momentum,  yes.  How 
much?  We  will  see.  But  if  you 
look  to  the  installations  in  the 
last  quarters,  we  can  see  some 
[growth],  that’s  true. 

A  lot  of  your  customers  run 
their  systems  on  Unix-based 
Sun  and  IBM  sys¬ 
tems.  Are  you  con¬ 
cerned  that  you 
might  alienate  some 
of  those  customers 
with  the  Dell  agree¬ 
ment?  No.  You  have  to 
understand,  all  these 
clients,  when  they  in¬ 
vested  in  hardware,  also 
looked  at  the  bench¬ 
marks  at  that  time. 

Making  benchmarks  is  not 
new  for  SAP.  We  started  in  the 
1990s,  because  when  Unix  took 
off,  there  was  always  the  ques¬ 
tion  of  which  Unix  flavor  is  the 
best  one.  Now  I  think  we  have 
new  players,  and  [Dell  CEO] 
Michael  Dell  is  changing  the 
game.  Now,  for  new  clients 
there  is  a  new  benchmark,  and 
they  will  make  up  their  mind. 

But  that’s  up  to  the  customer. 

-  Patrick  Thibodeau 


IBM’s  i5  pricing  varies  by 
processor  workload  power, 
memory,  disk  capacity  and  other 
features.  Starting  pricing: 


Model  520  Model  570 


expensive,”  said  Fabrizio,  who 
supports  about  625  users.  The 
Windows-based  environment 
is  simpler  to  administer,  he 
said.  “It’s  a  lot  easier,  from  a 
systems  administration  stand¬ 
point,  [to  find]  someone  with 
Intel  experience  than  with 
specialized  Unix  experience,” 
Fabrizio  said. 

At  a  press  conference  held 
last  week  in  New  York,  Dell 
CEO  Michael  Dell  said  that 
large  enterprise  applications 
are  increasingly  moving  to 
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Suppliers  Use  PLM  Tools  to  Meet 
Automakers’  Development  Mandates 


the  Wintel  platform. 

“We  see  things  turning  over 
to  standards-based  products  at 
an  increasing  rate,”  Dell  said. 
“Our  strategy  is  to  accelerate 
the  development  of  standards- 
based  technology  in  the  enter¬ 
prise  by  partnering  with  com¬ 
panies  like  SAP.” 

But  Ian  Jarman,  IBM’s 
eServer  i5  product  manager, 
said  he  believes  it’s  “more  effi¬ 
cient  and  better  utilization  [of 
IT  assets]  to  use  virtualization 
to  divide  the  processes  that  you 
have”  than  to  cluster  servers  to¬ 
gether.  IBM  offers  clusters  in  its 
Intel-based  xSeries  platform 
but  maintains  that  the  virtual¬ 
ization  offered  in  iSeries  is  the 
preferred  method  for  manag¬ 
ing  resources. 

The  iSeries  system  can 
support  Windows  when  an 
xSeries  server  is  added  to  the 
chassis,  or  connected  via  ca¬ 
ble,  allowing  the  system  to  uti¬ 
lize  management,  security, 
storage  and  other  features. 

As  part  of  the  announce¬ 
ment,  IBM  said  it  is  cutting 
prices  on  earlier  iSeries  sys¬ 
tems  by  as  much  as  40%  and  is 
planning  price  cuts  in  memory 
as  well.  ©  46594 


reduction  savings  pro¬ 
gram.  The  customers 
can  qualify  for  lower 
rates  by  agreeing  to 
reduce  electricity  use 
during  peak  periods. 

Xcel  tested  the  sys¬ 
tem  in  March  with  half 
of  the  customers  en¬ 
rolled  in  the  program, 
said  Bill  Gruen,  a  prod¬ 
uct  manager  who 
works  at  the  utility  in 
Denver.  The  company 
planned  to  test  the  sys¬ 
tem  again  on  Friday 
with  all  of  the  partici¬ 
pating  customers, 
he  added. 

Until  now,  Xcel  relied 
on  a  two-part  notification 
process  involving  autodialing 
software  and  follow-up  phone 
calls  to  customers.  With  the 
new  system,  customers  will  be 
able  to  choose  between  e-mail, 
pager  or  cell  phone  text  mes¬ 
sage  notifications.  That  should 
let  Xcel  contact  all  2,700  com- 


BY  JAIKUMAR  VI JAYAN 

As  an  automotive  supplier, 
Freudenberg-NOK  has  been 
required  by  the  Big  Three  and 
other  automakers  to  docu¬ 
ment  the  completion  of  sever¬ 
al  predefined  tasks  during 
product  development  and 
launch. 

Until  recently,  the  Ply¬ 
mouth,  Mich. -based  supplier 
fulfilled  this  so-called  Ad¬ 
vanced  Product  Quality  Plan¬ 
ning  (APQP)  obligation  using 
a  process  that  involved  manu¬ 
ally  collecting  and  integrating 
project  data  from  various 
sources  at  multiple  stages  of 
the  development  process. 

Aras  Corp.,  a  vendor  of 
product  life-cycle  manage¬ 
ment  software,  last  week  re¬ 
leased  a  software  product  de¬ 
signed  to  help  companies  like 
Freudenberg-NOK  automate 
much  of  that  process. 

Designed  specifically  for 
automotive  suppliers,  APQP 
Plus  software  from  Lawrence, 


panies  “within  a  matter  of  min¬ 
utes,”  Gruen  said.  ©  46553 

-  Thomas  Hoffman 

READ  MORE  ONLINE 

Go  to  our  Web  site  for  full  coverage  of 
the  Xcel  project: 
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Mass.-based  Aras  gives  users 
customized  templates  and 
workflows  for  capturing  infor¬ 
mation  in  conformance  with 
the  APQP  project  manage¬ 
ment  requirements.  The  soft¬ 
ware  has  made  it  easier  to 
comply  with  APQP  require¬ 
ments,  said  Tom  Gill,  director 
of  computer-aided  engineer¬ 
ing  technology  at  Freuden¬ 
berg-NOK,  which  is  an  early 
tester  of  the  software. 

Previously,  new-product 
development  teams  would  de¬ 
fine  the  steps  necessary  to  ac¬ 
complish  their  tasks  and  put 
that  information  in  a  spread¬ 
sheet.  Project  managers  would 
then  check  off  each  task  as  it 
was  completed.  But  the  paper- 
based  system  was  rarely  up 
to  date,  and  the  information 
wasn’t  easily  retrievable, 

Gill  said. 

Aras’  Web-based  software 
allows  Freudenberg-NOK  to 
automate  the  task  assignment 
process.  It  provides  templates 
for  collecting  and  centralizing 
information  and  a  color-coded 
dashboard  system  for  measur¬ 
ing  the  progress  of  each  proj¬ 
ect.  “It  has  made  everything  a 
lot  more  visible,”  Gill  said. 

Although  he  couldn’t  quanti¬ 
fy  any  return  on  investment, 
Gill  said  that  in  a  business 
where  being  late  with  a  prod¬ 
uct  can  cost  a  company  “tens 
of  thousands  of  dollars,”  the 
increased  efficiency  can  have  a 
real  effect  on  the  bottom  line. 

The  software  also  allows 
users  to  electronically  manage 
and  submit  documents  related 
to  product  parts  approval, 
engineering  change  requests, 
bills  of  materials  and  engi¬ 
neering  specifications. 

Ease  of  Integration 

What  sets  Aras’  software  apart 
from  other  PLM  products  is 
the  ease  with  which  it  can  be 
integrated  into  an  automotive 
supplier’s  operations,  said  Vic¬ 
tor  Moreno,  PLM  project  man¬ 
ager  at  Nemak,  a  Monterrey, 
Mexico-based  company  that 
makes  cylinder  heads  and 


engine  blocks  for  automakers. 

Nemak  evaluated  products 
from  other  vendors,  including 
UGS  PLM  Solutions  Inc.,  SAP 
AG  and  MatrixOne  Inc.,  be¬ 
fore  choosing  Aras.  Its  goal  is 
to  use  the  software  to  get  sta¬ 
tus  updates  and  metrics  on 
costs,  quality  and  schedules 
in  accordance  with  APQP 
requirements. 

Powerway  Inc.  in  Indianapo¬ 
lis  provides  software  designed 
to  let  automakers  collaborate 
with  suppliers,  said  Michael 
Burkett,  an  analyst  at  Boston- 
based  AMR  Research  Inc.  But 


its  software  isn’t  widely  de¬ 
ployed  by  suppliers,  which  is 
the  market  that  Aras  is  going 
after,  he  said. 

Despite  the  benefits,  there 
are  some  caveats,  Gill  said. 
Running  the  bandwidth¬ 
intensive  Web-based  applica¬ 
tion  has  stressed  Freudenberg- 
NOK’s  wide-area  networks,  he 
said.  Moreover,  Aras  is  still 
small,  so  due  diligence  needs 
to  be  observed  when  purchas¬ 
ing  from  the  company,  Gill 
said.  Freudenberg-NOK  “es¬ 
crowed”  the  source  code  — 
that  is,  ensured  that  it  will  be 
available  through  a  third  party 
in  the  event  of  Aras’  collapse, 
he  said. 

Pricing  for  Aras’  software 
starts  at  $50,000  for  10  concur¬ 
rent  users.  ©  46574 


PLM  Aids  in  Airport  Construction 


Product  life-cycle  management 
software  is  predominantly  used 
in  the  automotive  and  manufac¬ 
turing  sectors  for  product  de¬ 
sign  and  production  functions. 
But  companies  in  other  sectors 
can  benefit  from  the  technology 
as  well. 

The  development  team  in¬ 
volved  in  the  construction  of 
Terminal  5  at  London’s  Heath¬ 
row  Airport,  for  instance,  is 
using  PLM  software  from  UGS 
PLM  Solutions  in  Plano,  Texas, 
to  collaborate  on  projects  and 
maintain  schedules. 

Cross-functional  teams  from 
construction  group  Laing 
O’Rourke  Group  and  its  partners 
Connell  Mott  MacDonald  and 
Strategic  Project  Solutions  Inc. 
(SPS)  use  l-deas  3-D  prototyp¬ 
ing  software  from  UGS  to  create 
and  review  simulations  of  indi¬ 
vidual  construction  processes. 

“It  is  a  very  complex  process 
involving  multiple  stakeholders 


and  various  companies  located 
throughout  the  U.K.,"  said  Alex 
Kunz,  a  design  engineer  at  San 
Francisco-based  SPS. 

“It  was  really  adopted  more 
as  a  construction-site  tool  to  aid 
in  the  detailed  engineering  of 
the  project,”  Kunz  said.  “The  im¬ 
pact  was  the  construction  site 
was  able  to  produce  the  infor¬ 
mation  it  required  on  demand.” 
Without  such  a  tool,  there  would 
have  been  significant  delays  in 
accessing  needed  technical 
information,  he  added. 

With  a  project  the  size  and 
complexity  of  the  one  at  Heath¬ 
row,  it’s  a  good  idea  to  use  PLM 
software,  said  Michael  Burkett, 
an  analyst  at  AMR  Research. 
“Any  kind  of  major  equipment 
design  or  construction  project 
that  involves  a  lot  of  complex 
mechanical  systems  and  mater¬ 
ial  handling”  can  benefit  from 
such  tools,  he  said. 

-  Jaikumar  Vijayan 
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Users  Seek  Relief 
From  SCO’s  Suits 

OaimlerChrysier  AG,  one  of  the 
two  Linux  users  sued  by  The  SCO 
Group  inc.  in  March  [QuickLink 
45249],  has  asked  a  state  judge 
in  Michigan  to  dismiss  the  case 
because  the  automaker  doesn’t 
use  any  software  owned  by  SCO. 
The  other  user,  Memphis-based 
AutoZone  Inc.,  has  asked  a  feder¬ 
al  judge  in  Nevada  to  put  its  case 
on  hold  until  a  series  of  Linux- 
related  lawsuits  pitting  SCO 
against  IBM,  Novell  Inc.  and  Red 
Hat  Inc.  are  resolved. 


DaimlerChrysler 
Outsources  to  EDS 

In  other  news,  DaimlerChrysler 
announced  an  outsourcing  and  IT 
services  deal  with  Electronic  Data 
Systems  Corp.  EDS  will  oversee 
management  of  hardware  opera¬ 
tions  and  server-based  software 
at  DaimlerChrysler’s  Michigan 
facilities  as  part  of  the  deal, 
which  will  also  include  a  server 
consolidation  program.  The  finan¬ 
cial  terms  weren’t  disclosed. 


IBM  Extends  Morgan 
Stanley  Agreement 

IBM  said  it  has  extended  a  5- 
year-old  IT  services  agreement 
with  Morgan  Stanley  and  changed 
the  deal  from  a  fixed-cost  con¬ 
tract  to  one  with  a  variable  cost 
structure  based  on  resource  uti¬ 
lization.  The  New  York-based 
financial  services  firm  will  also 
share  a  data  center  with  other 
IBM  clients  instead  of  having  a 
dedicated  one.  IBM  estimated 
that  the  contract  will  be  worth 
$575  million  over  five  years. 


Short  Takes 

MICROSOFT  CORP.  said  it  has  de¬ 
layed  the  planned  release  of  Ser¬ 
vice  Pack  2  for  Windows  XP  from 
June  to  “sometime  in  the  third 
quarter”  because  the  update 
needs  more  testing  and  modifica¬ 
tions _ UNISYS  CORP.  is  setting 

up  a  technology  development  lab 
in  Bangalore,  India. 
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A  Simple  Solution  to 
Moving  IT  Jobs . . . 

. . .  offshore  is  to  make  U.S.  developers’  salaries  more  com¬ 
petitive.  But  who  wants  to  take  pay  cuts?  Plenty  of 
you,  it  seems.  That’s  the  discovery  made  by  Mark 
Jennings,  a  vice  president  at  Synergroup  Systems 
Inc.  in  Aliso  Viejo,  Calif.  His  company  augments  per¬ 
sonnel  shortages  in  IT  shops  with  U.S.-based  work¬ 
ers  —  a  rare  phenomenon  of  late.  But,  Jennings  says, 


“if  you’re  willing  to  let  them 
work  from  home,”  U.S.  pro¬ 
grammers  will  take  wages 
that  are  competitive  with 
those  of  workers  in  Bangalore. 
How  competitive?  How  about 
$38  per  hour?  That’s  what  Jen- 
nings  proved  with  three  pilot 
projects  using  mainframe  de¬ 
velopers  with  15  to  20  years  of 
experience.  Two  of  the  com¬ 
panies  signed  follow-on  con¬ 
tracts  with  Synergroup  and 
kept  the  jobs  that  were  once 
destined  for  overseas  inside 
the  U.S.  Jennings  says  he  ini¬ 
tially  thought  that  most  of  the 
developers  he’d  recruit  would 
be  “between  the  coasts,  where 
the  cost  of  living  is  lower.” 

So  he  was  surprised  when  he 
found  many  willing  program¬ 
mers  who  live  in  pricey  Los 
Angeles.  Given  that  U.S. 
workers  are  willing  to  be  flex¬ 
ible  on  wages,  Jennings  thinks 
CIOs  “should  look  in  their 
own  backyard”  before  choos¬ 
ing  overseas  staff. 


Look  to  offshore 
companies  for  jobs . . . 

. . .  in  the  U.S.,  suggests  the 
Organization  for  International 
Investment,  a  Washington- 
based  group  representing 
120  foreign  subsidiaries  doing 
business  in  the  U.S.  Accord¬ 
ing  to  the  OFII,  these  sub¬ 
sidiaries  employed  more  than 
a  half-million  IT  workers 
here  last  year.  Better  still,  it 
said  foreign  subsidiaries  pay 
on  average  19%  more  than 
cheap  U.S.  firms.  To  date,  no 
Indian-owned  subsidiary  be¬ 
longs  to  the  OFII. 

IT  helps  VC 
dream  IPO . . . 

. . .  once  again.  Venture  capi¬ 
talist  Mark  Levine,  managing 
director  of  Core  Capital  Part¬ 
ners  LP  in  Washington,  esti¬ 
mates  that  90%  of  start-up 
companies  that  achieve  suc¬ 
cess  today  do  so  by  a  merger 
or  acquisition.  Mergers  and 


.  IPOs 

are  back,  baby! 


acquisitions  in 
the  past  ac¬ 
counted  for 
only  about  half 
of  these  fruitful 
“exit  strate¬ 
gies,”  with  the 
other  half  of 
the  best  high- 
tech  start-ups 
going  public.  Levine  sees 
signs  of  a  swing  back  toward 
that  50/50  split,  though  the 
breakdown  may  be  closer  to 
60%  mergers  and  acquisitions 
and  40%  initial  public  offer¬ 
ings.  IT  managers  help  ven¬ 
ture  capitalists  determine  not 
only  the  viability  of  potential 
investments,  but  also  the  exit 
strategies  for  current  ones  by 
explaining  how  they  would 
buy  a  young  vendor’s  prod¬ 
uct,  Levine  says.  For  example, 
if  you  say  a  product  is  ideally 
suited  for  a  direct  sales  mod¬ 
el,  that  start-up  might  need 
more  capital  and  be  more 
prone  to  an  IPO.  But  a  com¬ 
pany  that  has  technology 
that’s  ideal  for  integrators 
may  be  a  good  candidate 
for  a  merger  and  acquisition. 

Massive  Bl  queries 
answered . . . 

...  in  the  blink  of  an  eye.  That’s 
the  charter  of  Herndon,  Va.- 
based  Clareos  Inc.  The  busi¬ 
ness  intelligence  company 
uses  cheap  Intel  boxes  in  a 
massively  parallel  processing 
configuration  to  swiftly  ana¬ 
lyze  gobs  of  data.  CEO  Steve 
Foley  claims  that  his  software, 
CrossCut,  can  slice  through 
2TB  of  data  strewn  across 
16  billion  rows  in  a  table  to  ex¬ 
tract  an  answer  faster  than  any 
competitor.  If  you  want  even 
more  speed,  you  only  need  to 
add  another  low-cost  server  to 
share  the  load.  And 
those  low-cost  servers 
will  be  even  cheaper  in 
August,  when  Clareos 
plans  to  ship  CrossCut 
2.0,  which  will  run  on 
64-bit  Linux  machines. 

Pricing  starts  around 

$200,000. 


NetScaler  knocks 
F5’s  tardy . . . 

. . .  addition  of  compression  to 
its  network  load-balance  tech¬ 
nology.  Mark  Weiner,  a  vice 
president  at  Santa  Clara, 
Calif.-based  NetScaler  Inc., 
claims  that  F5  Networks  Inc. 
“is  late  for  this  [compression] 
game.”  Seattle-based  F5  has 
said  compression  will  be 
added  to  its  technology  soon. 
But  Weiner  boasts  that  with 
this  week’s  announcement  of 
an  upgrade  to  the  NetScaler 
9000  network  traffic  manage¬ 
ment  appliance,  F5  is  even 
further  behind.  NetScaler 
AppCompress,  part  of  the 
July  release,  will  compress  all 
TCP-based  applications,  not 
just  HTTP  data.  The  upgrade 
also  includes  AppDefend, 
which  can  inspect  packet 
payloads  and  apply  security 
policies  to  them.  The  Net¬ 
Scaler  9000  starts  at  $115,000. 


NUMBER 
OF  VIRUSES, 
TROJANS  AND 
WORMS  RE¬ 
LEASED  PER 
MONTH. 


Don’t  rely  on  technology 
to  defend . . . 

. . .  your  systems  from  viruses, 
Trojan  horses  and  worms.  That’s 
the  advice  of  John  Watters, 
CEO  of  iDefense  Inc.  in  Re- 
ston,  Va.  Antivirus  technolo¬ 
gies,  he  deadpans,  “are  the 
first  to  tell  you  that  your 
house  has  burned  down.”  But 
you  need  to  know  about  prod¬ 
uct  vulnerabilities  before  they 
are  exploited  by  crackers.  For 
that  you  need  human  intelli¬ 
gence  evaluating  products  tar¬ 
geted  by  bad  guys.  That’s 
what  his  iAlert  service  does 
for  1,500  products  from 
83  vendors  while  sup¬ 
plying  links  to  patches. 
And  through  its  part¬ 
nership  with  Secure 
Elements  Inc.  in  nearby 
Herndon,  patch  up¬ 
dates  can  be  done  auto¬ 
matically.  O  46550 
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Health  Care  IT  Plans 
Get  a  Renewed  Push 

Bush,  industry  groups  try  to  jump-start 
adoption  of  new  medical  technologies 


BY  BOB  BREWIN 

SEVERAL  SLOWLY 

emerging  health  care 
technologies  were  giv¬ 
en  stimulants  last 
week,  as  President  Bush  called 
for  the  development  of  elec¬ 
tronic  medical  records  and 
two  health  care  industry 
groups  took  steps  to  encour¬ 
age  the  use  of  automated  pre¬ 
scription-ordering  systems 
and  bar  coding  on  drugs. 

In  a  speech  last  Monday, 
Bush  described  paper-based 
approaches  to  maintaining 
medical  records  as  “antiquat¬ 
ed”  and  said  that  within  10 
years,  he  wants  all  U.S.  citi¬ 
zens  to  have  electronic 
records  that  can  be  transmit¬ 
ted  among  health  care 
providers.  Use  of  the  technol¬ 
ogy  could  reduce  annual 
health  care  costs  “by  billions 
of  dollars,”  Bush  proclaimed. 

In  a  related  development  on 
Friday,  the  Washington-based 
Joint  Commission  on  Accredi¬ 
tation  of  Healthcare  Organiza¬ 
tions  closed  the  public  com¬ 
ments  period  on  a  proposed 
rule  that  seeks  to  jump-start 
the  use  of  bar-coding  technol¬ 
ogy  by  hospitals  to  correlate 
patient  identification  data 
with  medications.  The  rule 
would  require  the  use  of  bar 
codes  by  January  2007  to  en¬ 
sure  that  patients  receive  the 
correct  medications. 

Also  last  week,  The  Leap¬ 
frog  Group,  a  Washington- 
based  organization  made  up  of 
150  large  employers  and  insur¬ 
ers,  said  it  plans  to  start  post¬ 
ing  on  its  Web  site  the  results 
of  surveys  it  conducts  to  see 
whether  hospitals  have  adopt- 

DIFFERENCE  OF  OPINION 

Where  health  care  companies  should  start 
in  better  automating  their  operations 
depends  on  whom  you're  talking  to: 
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ed  30  patient-safety  practices, 
including  the  use  of  comput  ¬ 
erized  physician  order  entry7 
(CPOE)  systems.  Leapfrog  of¬ 
ficials  said  the  postings  are  an 
effort  to  steer  patients  to  hos¬ 
pitals  that  have  instituted  the 
procedures  it  recommends. 

Dr.  Brian  Jacobs,  director  of 
technology  and  patient  safety 
at  Cincinnati  Children’s  Hos¬ 
pital  Medical  Center,  said  the 
separate  developments  “lit  a 
fire  underneath  health  care 
IT.”  But  Jacobs  cautioned  that 
development  of  truly  portable 
electronic  medical  records 
could  take  more  than  10  years. 
He  said  his  hospital  has  diffi¬ 
culty  exchanging  information 
among  four  internal  systems 
from  different  vendors,  let 
alone  with  other  hospitals. 
Jacobs  added  that  although 


technologies  such  as  electron¬ 
ic  medical  records  and  CPOE 
could  improve  patient  safety, 
it’s  difficult  to  pinpoint  a  hard- 
dollar  return  on  investment 
that  health  care  providers 
could  get  from  such  projects 
—  other  than  a  potential  re¬ 
duction  in  lawsuits  stemming 
from  medical  errors. 

But  the  Center  for  Informa¬ 
tion  Technology  Leadership, 
an  organization  in  Wellesley, 


Mass.,  that’s  backed  by  Part¬ 
ners  Healthcare  System  Inc. 
in  Boston,  has  identified  a  to¬ 
tal  of  $86  billion  in  annual  sav¬ 
ings  that  hospitals,  insurers 
and  other  industry  partici¬ 
pants  could  realize  by  stan¬ 
dardizing  the  exchange  of  in¬ 
formation,  said  Eric  Pan,  a  re¬ 
searcher  at  the  center. 

The  U.S.  Department  of 
Health  and  Human  Services 
last  year  commissioned  a  unit 
of  the  National  Academy  of 
Sciences  in  Washington  to  de¬ 
sign  a  model  of  an  electronic 
patient  record  that  health  care 
companies  could  use  at  no 
charge  [QuickLink  39674]. 

Increased  attention  to  stan- 


TIMELINE 


dards  is  essential  to  developing 
a  national  electronic  records 
system,  said  James  Mormann, 
CIO  at  Iowa  Health  System  in 
Des  Moines.  Health  care  pro¬ 
fessionals  and  technology  ven¬ 
dors  have  yet  to  agree  on  the 
definition  of  an  electronic 
medical  record,  he  said. 

Michael  Myers,  vice  presi¬ 
dent  and  general  manager  of 
McKesson  Corp.’s  Horizon 
Clinical  Solutions  division, 
said  there  currently  are  “broad 
variables”  in  the  format  of 
electronic  records,  ranging 
from  an  intelligent  card  that’s 
packed  with  patient  data  to 
Web-based  medical  records. 

©  46587 


Health  Care  IT  Developments 


■■  A  group  of  hospitals,  federal 
agencies  and  IT  vendors  launch  a 
pilot  network  to  serve  as  a  testbed 
for  proposed  technology  standards. 


The  Food  and  Drug  Administration  man¬ 
dates  that  by  April  2006,  pharmaceutical 
companies  must  apply  bar  codes  to 
thousands  of  drugs  dispensed  in  hospitals. 


■«  President  Bush  unveils  a 
plan  to  promote  develop¬ 
ment  of  portable  electronic 
medical  records. 


JUNE  2003 

JULY  2003 

FEBRUARY  2004 

APRIL  2004 

The  Department  of  Health  and  Human  Services 
commissions  development  of  a  standardized 
model  of  an  electronic  medical  record. 


Health  care  accreditation  group  proposes  a 
rule  that  would  require  hospitals  to  use  bar¬ 
code  technology  to  match  drugs  and  patients. 


Citrix  Shifts  Focus  to  Remote  Access 

Wants  to  move 
past  server-based 
app  delivery 

BY  PATRICK  THIBODEAU 

Citrix  Systems  Inc.  is  setting 
its  sights  beyond  server-based 
application  delivery  to  the 
desktop,  with  a  new  focus  on 
delivering  applications  to  a 
variety  of  devices  and  provid¬ 
ing  secure  remote-access  ca¬ 
pabilities. 

The  new  focus  yielded  last 
week’s  release  of  MetaFrame 
Access  Suite  3.0.  The  update 
to  Citrix’s  flagship  product  in¬ 
cludes  session-persistent  fea¬ 
tures  that  automatically  re¬ 
establish  network  connections 
while  preserving  information 
when  a  connection  is  lost. 

Remote  access  is  “what’s 
driving  our  strategy,”  said 
Mark  Templeton,  CEO  of  the 
Fort  Lauderdale,  Fla.-based 
company.  Access  to  applica¬ 


tions  from  remote  locations  is 
increasingly  a  “strategic  ele¬ 
ment”  in  a  business’s  IT  infra¬ 
structure,  he  said. 

It’s  a  message  that  makes 
sense  to  Charles  Redding,  CIO 
at  Masco  Contractor  Services 
Inc.,  a  unit  of  Taylor,  Mich.- 

based  Masco  _ 

Corp.  Redding 
said  he  intends  to 
use  Citrix’s  re¬ 
mote  capabilities 
in  his  fleet  of  more 
than  8,000  vehi¬ 
cles. 

Masco  already 
has  Global  Posi¬ 
tioning  System 
units  deployed  in 
company  vehicles  but  wants 
to  extend  application  access  to 
those  trucks.  Redding  is  inves¬ 
tigating  the  possibility  of  out¬ 
fitting  his  vehicles  with  hand¬ 
held  devices  or  tablet  comput¬ 
ers  with  touch  screens. 

“We’re  blue-collar  workers 


—  our  guys  are  not  good  typ¬ 
ists,”  he  said. 

Having  that  capability 
would  allow  Masco  to  send 
new  assignments  to  each 
truck.  And  as  materials  are 
used  on  a  job,  inventory  could 
be  updated  in  real  time,  said 

_  Redding.  The 

company  is  also 
investigating  in¬ 
tegration  of  a 
voice-over-IP 
system. 

Redding  said 
he’s  convinced 
the  Citrix  tech¬ 
nology  will  work 
and  wants  to  de¬ 
ploy  it  over  the 
next  year.  The  question  is 
whether  the  company  can 
achieve  network  coverage  that 
reaches  at  least  60Kbit/sec. 
“The  only  thing  that  scares  us 
is  the  coverage  area,”  he  said, 
noting  that  the  return  on  in¬ 
vestment  will  depend  on  the 


cost  of  the  network. 

Citrix  primarily  supports 
Microsoft  Windows  but  also 
supports  major  Unix  variants 
including  IBM’s  AIX,  Sun’s  So¬ 
laris  and  HP-UX. 

While  its  server-based  sys¬ 
tem  delivers  applications  to  a 
Linux  desktop,  Citrix  doesn’t 
currently  support  Linux  on 
the  server. 

There  are  still  too  few  en¬ 
terprise  Linux  applications  to 
make  that  viable,  said  Bob 
Kruger,  Citrix’s  chief  technol¬ 
ogy  officer.  “Until  that  comes 
and  we  see  that  demand”  for 
Linux  support,  “there’s  no 
point,”  he  said. 

It  would  take  only  about  six 
months  to  roll  out  Linux  sup¬ 
port  once  the  need  was  identi¬ 
fied,  said  Kruger.  ©  46581 

MORE  ONLINE 

Citrix  CEO  Mark  Templeton  talks  about 
enterprise  vendors,  Microsoft  and  the 
philosophy  of  nonalignment: 
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"We  have  a  motto  that  says  IT  will  not 
stand  in  the  way  of  what  the  business 

needs  tO  do."  —  Robert  Otto 


Robert  Otto 
CIO  and  CTO 

The  United  States  Postal  Service, 

Washington,  D.C. 

Robert  Otto  started  his  professional  career 
as  a  clerk.  Today  he  is  the  CIO  and  CTO  of  the 
United  States  Postal  Service®,  which  processes 
about  55  percent  of  the  world's  daily  mail 
volume.  Tasked  with  reengineering  the  USPS's 
technology  infrastructure,  he's  led  an  effort  to 
consolidate  and  centralize  disparate  systems, 
standardize  tools  and  vendors,  upgrade  the 
network,  and  embrace  the  Web  and  wireless 
technology. 

Otto  and  his  team  have  built  an  advanced 
computing  environment  that  has  saved  the 
USPS®  some  $50  million  annually.  More  than 
30  Web-enabled  self-service  applications  help 
employees  manage  items  such  as  health 
benefits  and  life  insurance,  as  well  as  training 
on  demand. 

Last  year,  more  than  176  million  consumers 
used  the  usps.com  website.  The  USPS  also  intro¬ 
duced  a  hugely  popular  desktop  service  called 
Click-N-Ship®,  which  allows  mailers  to  create 
their  own  shipping  labels. 

Great  Moment  at  Work:  "Seeing  the 
positive  impact  this  project  has  had  on  the 
employees  and  customers  of  the  USPS." 

Microsoft  Office  System  salutes  those  who 
have  done  great  work  in  the  IT  field. 


Great  Moments  at  Work. 

Success  Stories  of  an  IT  Hero 
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Microsoft  Acquires 
Apps,  Query  Tools 

Microsoft  Corp.  said  it  has  ac¬ 
quired  ActiveViews  Inc.  and  will 
add  the  Provo,  Utah-based  com¬ 
pany’s  query  and  reporting  tools 
to  its  SQL  Server  Reporting  Ser¬ 
vices  software.  Microsoft  has  also 
agreed  to  buy  purchase-order  and 
cash-flow  management  software 
that  works  with  its  Great  Plains 
business  applications  from  En¬ 
core  Business  Solutions  Inc.  in 
Winnipeg,  Manitoba.  Financial 
terms  weren’t  disclosed. 


Dell  Wins  PC  Deal 
With  Pennsylvania 

Dell  Inc.  said  it  has  signed  a  PC 
hardware  and  IT  services  con¬ 
tract  with  Pennsylvania’s  state 
government  that  could  be  worth 
up  to  $144  million  over  four 
years.  The  deal  includes  desktop 
and  notebook  PCs,  plus  monitors. 
The  state  will  buy  products  direct¬ 
ly  from  Dell  and  then  offer  vol¬ 
ume-pricing  deals  to  agencies. 


Nasdaq  Tests  for 
Disaster  Recovery 

Nasdaq  Stock  Market  Inc.  said  it 
had  zero  downtime  during  two 
disaster  recovery  tests  that  in¬ 
volved  its  data  centers  and  sys¬ 
tems  at  50  financial  services 
firms.  The  tests  were  designed  to 
check  whether  transaction  and 
reporting  processes  would  func¬ 
tion  in  a  disaster.  The  tests  were 
done  at  Nasdaq’s  primary  data 
center  in  Connecticut  in  February 
and  at  its  backup  facility  in  Mary¬ 
land  last  month. 


Short  Takes 

Struggling  software  vendor  i2 
TECHNOLOGIES  INC.  said  it  will 
get  a  $100  million  cash  infusion 
from  Q  Investments  Ltd.  in  Fort 
Worth,  Texas,  plus  $20  million 
from  CEO  Sanjiv  Sidhu. . . .  BMC 
SOFTWARE  INC.  said  it  will  buy 
management  tools  vendor 
MARIMBA  INC.  in  Mountain  View, 
Calif.,  for  $239  million  in  cash. 
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Nortel  Ousts  CEO  Amid 
Cloudy  Financial  Picture 

Two  other  execs  fired;  vendor  delays 
Q1  numbers,  will  revise  2001-’03  results 


BY  MATT  HAMBLEN 
AND  LAURA  ROHDE 

ORTEL  NETWORKS 
Ltd.,  which  is  being 
investigated  for 
possible  accounting 
improprieties  by  securities 
regulators  in  both  the  U.S.  and 
Canada,  last  week  fired  CEO 
Frank  Dunn  as  well  as  its  chief 
financial  officer  and  its  corpo¬ 
rate  controller. 

Nortel  also  delayed  the  re¬ 
lease  of  its  first-quarter  finan¬ 
cial  results,  which  was  due  to 
take  place  last  week,  and  said 
it  will  have  to  revise  the  num¬ 
bers  it  reported  for  all  four  of 
last  year’s  quarters  and  for 
2002  and  2001. 

Dunn,  CFO  Douglas  Beatty 
and  controller  Michael  Gollo- 
gly  were  all  “terminated  for 
cause”  as  part  of  an  ongoing 
internal  review  by  the  compa¬ 
ny’s  audit  committee,  Nortel 
said.  Beatty  and  Gollogly  had 


been  on  paid  leaves  of  absence 
since  March  15.  Brampton, 
Ontario-based  Nortel  made 
their  interim  replacements 
permanent  and  named  board 
member  William  Owens  CEO. 

John  Haltom,  network  direc¬ 
tor  at  Erlanger  Health  System 
in  Chattanooga,  Tenn.,  has 
made  a  $2.5  million 
investment  in  Nor¬ 
tel’s  IP  telephony 
equipment  over  the 
past  year  and  is  run¬ 
ning  eight  separate 
beta  tests  with  Nor¬ 
tel  gear. 

Despite  the  in¬ 
creasing  turmoil  at 
Nortel,  Haltom  said 
Erlanger  is  going 
ahead  with  plans  to 
converge  its  voice 
and  data  networks 
on  the  vendor’s 
technology  across 
17  health  center 


campuses  in  southeastern 
Tennessee. 

“As  far  as  the  Nortel  firings 
and  the  impact  on  us,  we  don’t 
see  any  real  earthshaking  im¬ 
pact,”  he  said.  “Nortel  stock  is 
going  to  tank  again,  but  I  feel 
the  technology  viability  of  the 
company  is  just  as  good  as 
ever.  Their  convergence  mod¬ 
el,  in  my  eyes,  is  the  leader 
of  the  pack  in  terms  of  an  IP 
multimedia  solution.  I  feel 
they  even  have  a 
leg  up  on  Cisco.” 

But  Haltom  said 
he  hopes  Owens 
isn’t  a  “hatchet 
man”  who  will  cut 
jobs  that  affect 
customers. 

Owens  was 
quick  to  try  to  re¬ 
assure  users  like 
Haltom,  as  well  as 
Nortel’s  sharehold¬ 
ers.  “To  our  cus¬ 
tomers  I  say,  ‘We 
will  not  let  this 
distract  us,’  ”  said 
Owens  during  a 


|  teleconference. 

But  Jeffrey  Kagan,  an  inde¬ 
pendent  telecommunications 
analyst  in  Atlanta,  said  the 
shake-up  could  spell  more 
trouble  for  Nortel. 

“The  bad  news  is  this  is  go¬ 
ing  to  be  a  mess  for  Nortel 
for  a  long  time  until  they  sort 
through  it  all,”  Kagan  said. 
“The  good  news  is,  at  this 
point,  it  seems  to  be  a  Nortel- 
specific  issue  and  not  a  gener¬ 
al  industry  issue,  so  hopefully 
it  won’t  negatively  impact  the 
rest  of  the  competitors.” 

Gartner  Inc.  analyst  Mark 
Fabbi  predicted  that  the  man¬ 
agement  o  verhaul  will  have  a 
severe  effect  on  user  confi¬ 
dence  in  Nortel. 

“The  firings  undermine  all 
the  positive  momentum  it 
seemed  like  Nortel  had  creat¬ 
ed  with  enterprise  customers 
and  wireless  [technology]  in 
the  last  year,”  Fabbi  said. 

Owens  and  the  other  new 
executives  are  “not  people 
who  are  known  for  their  tech¬ 
nology  vision,”  he  added. 
“They  are  interim  folks  hired 
to  clean  house,  and  then  we’ll 
see  what  happens  in  a  year  or 
so.”  ©  46579 


Rohde  writes  for  the  IDG  News 
Service. 


H  To  our 
customers 
I  say, ‘We  will  not 
let  this  distract  us.’ 


WILLIAM  OWENS, 
CEO,  Nortel  Networks 


MCI  Expands  Managed 
Security  Services  Offerings 


BY  JAIKUMAR  VIJAYAN 

MCI  Inc.  last  week  introduced 
a  range  of  managed  security 
services  aimed  at  delivering 
customized  network  protec¬ 
tion  for  business  users. 

The  new  offerings  include 
intrusion  protection,  managed 
firewall,  vulnerability  scan¬ 
ning,  antivirus  and  antispam 
services. 

The  company  also  an¬ 
nounced  a  partnership  with 
security  vendor  VeriSign  Inc. 
under  which  the  two  compa¬ 
nies  will  deliver  a  co-branded 
user-authentication  service 
based  on  public-key  infra¬ 
structure  (PKI)  technologies. 

“We  needed  items  in  our 
portfolio  for  [companies  of] 
different  sizes  and  needs,”  said 


Tom  Walton,  vice  president 
of  security  services  at  MCI, 
formerly  known  as  World¬ 
Com  Inc. 

MCI’s  move  to  expand  its 
security  offerings  isn’t  surpris¬ 
ing,  said  Pete  Lindstrom,  an 
analyst  at  Malvern,  Pa.-based 
Spire  Security  LLC.  “The  mar¬ 
ket  for  security  services  is  hot. 
MCI  wants  in  on  that,”  he  said. 

Network  Monitoring 

With  its  intrusion-protection 
and  vulnerability-scanning 
services  to  be  launched  later 
this  month,  the  company  will 
provide  users  with  round-the- 
clock  network  monitoring 
services  that  can  proactively 
identify  and  mitigate  threats. 
MCI  has  also  teamed  up  with 


MessageLabs  Ltd.  in  Glouces¬ 
ter,  England,  to  offer  an  e-mail 
scanning  service  for  dealing 
with  viruses  and  spam. 

Meanwhile,  MCI’s  partner¬ 
ship  with  Mountain  View, 
Calif.-based  VeriSign  is  de¬ 
signed  to  allow  the  company 
to  offer  digital-certificate- 
based  authentication  and 
digital  signature  support  for 
e-mail  and  Web  applications. 


MCI’s  New 
Services  Include: 

■  A  PKI-based  authentication 
service  with  VeriSign 


■  An  e-maii  filtering  service 
with  MessageLabs 

■  Network  vulnerability  scanning 
with  Internet  Security 
Systems 


■  Intrusion-detection  and 
-prevention  services 


Stronger  authentication  ser¬ 
vices  such  as  those  being  of¬ 
fered  by  VeriSign  and  MCI  are 
going  to  be  “incredibly  impor¬ 
tant”  as  companies  move  to¬ 
ward  Web  services  and  wire¬ 
less  Web  applications,  said 
Paula  Arcioni,  identity  man¬ 
agement  services  manager  for 
the  state  of  New  Jersey  in 
Trenton. 

MCI’s  offering  of  a  managed 
PKI-based  authentication  ser¬ 
vice  is  “very  interesting,”  she 
said.  The  state  government  is 
using  a  VeriSign-enabled  PKI 
infrastructure  to  support  sev¬ 
eral  applications  requiring  the 
use  of  digital  certificates  and 
electronic  signatures. 

Prices  for  MCI’s  e-mail 
services  range  from  98  cents  to 
$2.70  per  user  per  month.  Man¬ 
aged  PKI  starts  at  less  than  $1 
and  goes  up  to  $5  per  user  per 
month.  Setup  charges  can  cost 
up  to  $100,000.  ©  46576 
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Welcome  To  Your  New  Office. 


On  The  Go  E-mail  Access  From  Verizon  Wireless. 

Keep  your  employees  connected  to  important  e-mail,  schedules  and  contacts  with  VZEmaiir  Verizon  Wireless 
now  offers  the  latest  PDAs  and  Smartphones  complete  with  Wireless  Sync.  Making  work  more  productive, 
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we  mean  business. 
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CAs  New  Sales  Chief  Speaks  Out 
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BY  DON  TENNANT 

Computer  Associates  Interna¬ 
tional  Inc.  last  week  announced 
that  Stephen  Richards,  who 
was  in  charge  of  CA’s  global 
sales  team  during  the  period 
in  which  contracts  were 
backdated  to  inflate 
quarterly  earnings,  re¬ 
signed  from  his  position 
as  senior  vice  president 
for  worldwide  sales 
[QuickLink  46450]. 

Replacing  Richards  is 
Greg  Corgan,  a  24-year 
IBM  veteran  who  joined 
CA  last  year  as  senior 
vice  president  of  North  Ameri¬ 
can  sales.  Just  hours  after  his 
appointment  was  announced, 
Corgan  spoke  with  Computer- 
world  about  going  into  the 
high-profile  job  at  a  turbulent 
time  in  the  company’s  history. 

You’re  replacing  a  guy  who  re¬ 
signed  after  having  been  in  the  po¬ 
sition  when  the  improper  account¬ 
ing  activity  took  place.  How  diffi¬ 
cult  do  you  think  your  new  job  will 


be  under  the  circumstances? 

I  don’t  think  it’ll  be  difficult. 
That  was  four  years  ago.  We’ve 
totally  revamped  the  business 
model;  we  have  a  whole  differ¬ 
ent  way  of  recognizing  revenue 
and  accounting  for 
what  we  do  in  our  busi¬ 
ness.  So  that’s  not  even 
an  issue  anymore. 

What’s  the  most  fre¬ 
quently  expressed  con¬ 
cern  you’re  hearing  from 
CA’s  customers  right 
now?  I’ve  got  to  tell 
you,  the  discussion 
around  this  [improper  account¬ 
ing  and  consequent  manage¬ 
ment  reshuffling]  stuff  from 
customers  is  negligible.  Up 
until  10  days  ago,  in  the  year 
I  was  out  here,  I  never  heard 
anything.  In  the  past  10  days, 
folks  have  asked  what  it’s  all 
about  as  more  has  hit  the  press. 
[They’ve  asked,]  “What’s  really 
behind  the  scenes?  What  do 
you  think  the  real  issues  are?” 
So  they  ask  about  that,  but 


they’re  very  brief  discussions. 

Do  you  think  there  are  any  linger¬ 
ing  pockets  of  the  old  CA  mind-set 
in  the  field  or  the  channel  that  you 
need  to  deal  with?  Well,  I’ve 
been  out  there  now  for  a  year, 
and  there  always  have  been 
some  little  pockets  of  the  old 
CA,  more  from  a  philosophical 
mind-set  than  anything  else.  I 
think  we’ve  managed  to  fairly 
well  face-lift  most  of  those. 

For  the  ones  that  have  not  seen 
the  light,  what  do  you  need  to  do? 

There  aren’t  that  many  of 
them.  Mostly  it’s  jawboning 
and  discussions  on,  “Look,  we 
put  the  customer  at  the  center 
of  what  we’re  trying  to  do.  We 
try  and  adapt  to  the  business 
issues  and  the  business  proc¬ 
esses  those  customers  are 
dealing  with.  We  try  and  be  as 
accommodating  as  possible  in 
terms  of  mapping  into  their 
whole  IT  business.  It  doesn’t 
mean  it’s  a  yes  to  everything, 
but  that’s  the  attitude. 


Have  you  had  to  replace  people  for 
not  seeing  the  light?  Very  rarely. 

What  do  you  think  you  bring  from 
IBM  that  will  be  of  greatest  benefit 
to  CA  and  its  customers?  A  sense 
of  account  management;  a 
sense  of  how  important  it  is  to 
build  relationships,  to  under¬ 
stand  the  customer’s  business. 
And  as  a  result  of  understand¬ 
ing  that  business,  to  bring 
proactive  solutions  to  the 
table.  [CA’s]  heritage  has  been 
one  of  being  product  sales¬ 
men,  as  opposed  to  trying  to 
understand  the  customer’s 
business  and  relate  technolo¬ 
gy  issues  to  solving  those 
business  problems. 

Mark  Barrenechea,  CA’s  senior 
vice  president  for  product  devel¬ 
opment,  told  me  last  week  that  he 
thinks  software  is  an  “after¬ 
thought”  at  IBM  [QuickLink 
46426].  Was  that  your  experi¬ 
ence?  What  he  means  by  that  is 
if  you  look  at  the  big  pieces  of 
the  business  at  IBM,  services  is 


a  $40  billion  business;  the 
hardware  business  I  think  is 
about  $28  billion;  and  a  $15  bil¬ 
lion  software  business  you 
might  put  in  the  “afterthought” 
category.  I  did  tell  him  this: 
While  it  may  be  the  lowest  rev¬ 
enue  component  of  the  busi¬ 
nesses,  it  contributes  the  most 
profit  in  that  organization. 


So  why  does  CA  need  a  COO  now? 

Because  I  think  with  [interim 
CEO]  Ken  [Cron]  coming  in 
and  he  not  being  as  familiar 
with  the  business  as  Sanjay 
was,  having  an  operational  fo¬ 
cus  as  well  as  a  strategic  focus 
makes  sense.  ©  46517 


MORE  ONLINE 

To  read  the  full  interview  with  Corgan,  visit 
our  Web  site: 

O  QuickLink  46463 

www.computerworld.com 


You  report  to  Jeff  Clarke,  who  was 
named  chief  operating  officer  [last 
week].  Do  you  think  the  fact  that 
CA  has  been  operating  without  a 
COO  since  2000,  when  Sanjay 
Kumar  became  CEO,  has  hurt  the 
company  in  any  way?  Not  at  all. 
IBM  doesn’t  have  a  COO. 


Offshoring  Foes  Protest 
At  IBM  Annual  Meeting 


Global  strategy 
is  key,  Palmisano 
tells  shareholders 

BY  ELIZABETH  HEICHLER 

PROVIDENCE,  R.l. 

Sporadic  chants  of  “Offshore 
the  CEO!”  rang  out  here  last 
week  as  about  two  dozen 
picketers  representing  a 
group  of  current  and  former 
IBM  employees  welcomed 
attendees  to  the  company’s 
annual  meeting. 

Bearing  signs  that  read 
“America’s  future  is  not  off¬ 
shore,”  “Retrain  for  what?” 
and  “Offshore  CEO  Sam 
Palmisano,”  the  demonstra¬ 
tors  raised  notice  that  the 
politically  controversial  issue 
of  offshoring  would  be  on  the 
table  at  the  meeting,  where 
several  shareholder  proposals 


centered  on  employee  con¬ 
cern  with  the  company’s  labor 
and  executive  compensation 
practices. 

Palmisano  was  able  to 
launch  the  event  at  the  Rhode 
Island  Convention  Center  on  a 
positive  note,  telling  the  ap¬ 
proximately  350  attendees  that 
the  board  of  directors  had  ap¬ 
proved  a  12.5%  dividend  in¬ 
crease,  to  a  regular  quarterly 
cash  dividend  of  18  cents  per 
common  share.  But  Palmisano 
was  also  compelled  to  defend 
the  company’s  strategy  on 
outsourcing,  which  gained  a 
high  profile  after  reports  sur¬ 
faced  that  executives  had  dis¬ 
cussed  moving  a  large  number 
of  jobs  out  of  the  U.S.  to  coun¬ 
tries  such  as  India  [QuickLink 
45446]. 

Palmisano  stressed  the  im¬ 
portance  of  IBM  being  a  glob¬ 


al  company  with  very  strong 
businesses  internationally, 
not  just  in  the  U.S.,  and  said  it 
needs  to  “look  at  a  global  skill 
pool  around  the  world.”  He 
pointed  to  $25  million  the 
company  has  set  aside  for  the 
Human  Capital  Alliance,  a 
skills  retraining  program,  al¬ 
though  he  acknowledged  that 
the  effort  is  just  beginning. 

Cultural  Shift 

However,  it  was  apparent  from 
the  chairman’s  remarks  ex¬ 
tolling  the  benefits  of  open 
markets  and  global  free  trade 
that  IBM  isn’t  turning  back 
from  offshoring. 

“Most  people  recognize  that 
you  can’t  lock  down  jobs,  busi¬ 
nesses  and  skills,  and  you 
can’t  lock  down  nations,” 
Palmisano  said.  And  he 
warned  that  in  managing  an 
enterprise  such  as  IBM,  there 
can  be  “no  emotional  attach¬ 
ment  to  the  things  that  don’t 
represent  your  future.” 

That  lack  of  emotional  at¬ 
tachment  rankled  some  long¬ 


time  IBM  employees,  who  said 
they  have  seen  a  shift  in  the 
corporate  culture. 

Michael  Saville,  a  former 
employee  who  spent  32  years 
with  the  company,  traveled 
from  his  home  in  Salt  Lake 
City  to  protest  what  he  sees  as 
a  fundamental  shift  at  IBM. 
The  company  treats  its  work¬ 
ers  “like  commodities,  not  like 
assets,”  he  said.  It  can  take  18 
months  to  two  years  to  retrain 


LOCAL  UNIONS  joined  IBM  em¬ 
ployees  in  a  protest  outside  last 
week’s  shareholder  meeting. 


an  IBM  employee  whose  skill 
set  is  in  very  proprietary  tech¬ 
nology,  he  said. 

“IBM  tends  to  say  all  jobs 
are  equal,  but  the  new  jobs 
available  are  at  lower  salaries 
and  fewer  benefits,”  Saville 
said. 

A  current  IBM  employee, 
Bill  Costine,  was  also  part  of 
the  premeeting  demonstration 
over  offshoring.  Costine  does 
AIX  support  at  the  company’s 
Fishkill,  N.Y.,  facility,  and  said 
he  feels  that  his  job  is  relative¬ 
ly  safe  for  the  time  being  be¬ 
cause  it  requires  face-to-face 
interaction  with  U.S.-based 
hardware  engineers.  However, 
the  same  can’t  be  said  for 
many  other  positions. 

“Any  help  desk  job,  any  pro¬ 
gramming  job,  any  software 
design  or  development  job, 
anything  that  doesn’t  involve 
face-to-face  transactions  with 
your  customer”  is  vulnerable, 
he  said.  ©  46518 


Heichler  writes  for  the  IDG 
News  Service. 
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Fortunately  you  have  the  most  manageable 

video  conferencing  systems  in  the  world. 


With  IT  resources  scarcer  than  ever,  you  need  Polycom's  integrated  video  conferencing 
systems.  They're  user  friendly,  easy  to  upgrade,  manage  and  maintain.  Deployment  is 
virtually  "plug  and  play."  And,  monitoring  and  management  is  centralized.  It  all  adds  up 
to  a  great  RO I  for  your  team  and  your  company.  Join  the  millions  of  people  worldwide  that 
already  use  Polycom  and  The  Polycom  Office?'  With  integrated  video,  voice,  data,  and 
Web  applications,  The  Polycom  Office  makes  communicating  as  natural  as  being  there. 

For  more  information  and  your  free  white  paper  "Demystifying  IP  Migration"  visit 
www.polycom.com  or  call  1-877-POLYCOM.  Ask  about  the  outstanding  new  Polycom 
VSX  7000  -  video  conferencing  like  you've  never  seen  it.  Polycom.  The  time  for 
manageable  video  conferencing  is  now. 
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Connect.  Any  Way  You  Want. 
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2003  Polycom,  Inc.  All  rights  reserved.  Polycom  and  the  Polycom  logo  are  registered  trademarks  and  VSX,  Polycom  Office 
and  the  SonndStation  industrial  design  are  trademarks  ol  Polycom,  Inc.  in  the  U.S.  and  various  countries. 
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Based  on  an  IDC  study  of  seven  Red  Hat  Linux  and  IBM  xSeries  customer  implementations  assessed  over  a  three -year  time  frame  at  a  discount  rate  of  10%.  “Linux  and  Intel-Based  Servers:  A  Powerful 
Combination  to  Reduce  the  Costs  of  Enterprise  Computing,"  IDC  white  paper,  sponsored  by  IBM  and  Red  Hat  Corporation,  May  2003,  Results  achieved  may  not  be  typical.  Actual  customer  experience  may 
vary.  Additional  charges  apply.  Standard  support  includes  next-business-day  response  in  some  countries.  IBM,  the  e-business  logo,  eServer.  the  eServer  logo  and  xSeries  are  trademarks  or  registered 


Want  a  server  with  an  impressively  high  return  on  investment?  Try  a  Linux-ready  IBM  eServer  xSeries  system 
with  powerful  Intel®  Xeon™  processors.  An  IDC  study  of  several  companies  running  Linux  on  xSeries  servers  revealed 
that  these  companies  realized  a  high  average  ROI  of  504%  over  three  years.  And,  in  most  cases,  they  achieved 
payback  of  their  initial  investment  in  less  than  three  months'.  That’s  ROI  in  a  jiffy.  For  an  IDC  white  paper  on  Linux 
and  On  Demand,  visit  ibm.com/eserver/advantage 


5  reasons  more  and  more  businesses  are  turning  to  IBM  eServer"  xSeries ®  systems  with  Intel  Xeon  processors. 


Scale  1-16  way  with  select 

IBM  Director  systems 

Broadest  line  of  servers  that 

Mainframe-inspired 

24/7/365  optional  onsite 

models.  Pay  as  you  grow. 

management. 

run  Linux  in  the  industry. 

technologies. 

hardware  support / 

(e)  server’ 


Not  only  are  IBM  eServer  xSeries  systems 
powered  by  Intel  Xeon  processors,  they  raise  the 
question,  how  high  can  you  make  your  ROI? 


trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Intel,  Intel  Inside,  the  Intel  Inside  logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks 
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All  rights  reserved. 


16  COMPUTERWORLD  May  3, 2004 


NEWS 


www.computerworld.com 
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IT  Auditors 


Others  agreed  that  IT  audit 
professionals  like  Carrera  are 
in  big  demand  as  large  compa¬ 
nies  race  to  document  their 
internal  IT  and  financial  con¬ 
trols  to  meet  the  Sarbanes- 
Oxley  compliance  deadlines 
set  by  the  U.S.  Securities  and 
Exchange  Commission.  The 
deadlines  will  begin  taking  ef¬ 
fect  with  fiscal  years  that  end 
on  or  after  Nov.  15,  so  compa¬ 
nies  that  report  their  results 
on  a  calendar-year  basis  will 
need  to  comply  by  year’s  end. 

The  so-called  Big  Four 
accounting  firms  can’t  find 
enough  people  to  help  their 
clients  do  the  documentation 
work  mandated  by  Section 


Continued  from  page  1 

IBM/EMC 

shots  at  each  other,  the  storage 
rivals  made  dueling  product 
announcements  related  to  vir¬ 
tualization.  IBM  released  an 
upgrade  of  its  TotalStorage 
SAN  Volume  Controller  soft¬ 
ware,  which,  like  other  virtual¬ 
ization  tools,  is  designed  to 
make  disk  arrays  from  differ¬ 
ent  vendors  look  like  a  single 
pool  of  storage  to  users. 

The  Version  1.2  upgrade 
adds  support  for  managing 
EMC’s  Symmetrix  and  Clari- 
ion  disk  arrays  as  well  as  Hi¬ 
tachi  Data  Systems  Corp.’s 
high-end  Lightning  devices, 
IBM  said.  SAN  Volume  Con¬ 
troller  now  also  supports  Net¬ 
Ware  and  Windows  Server 
2003,  plus  server  virtualiza¬ 
tion  software  from  EMC  sub¬ 
sidiary  VMware  Inc. 

Not  to  be  outdone,  EMC 
said  at  its  annual  user  confer¬ 
ence  in  Orlando  that  it’s  devel¬ 
oping  an  enterprise-class 
“storage  router”  device  that 
will  include  virtualization 
software  for  pooling  data  on 
storage-area  networks  (SAN). 

Beta  testing  will  begin  this 
quarter  with  a  small  number 
of  users,  but  the  product  isn’t 
due  to  ship  until  the  first  half 
of  2005,  according  to  EMC. 

“Clearly,  EMC  is  late  to  mar- 


404  of  Sarbanes-Oxley,  said 
Marios  Damianides,  interna¬ 
tional  president  of  the  Infor¬ 
mation  Systems  Audit  and 
Control  Association  and  the 
Information  Technology  Gov¬ 
ernance  Institute,  which  are 
both  in  Rolling  Meadows,  Ill. 

Damianides,  who  is  also  a 
partner  in  the  technology  and 
security  risk  services  group  at 
Ernst  &  Young  LLP  in  New 
York,  predicted  that  the  short¬ 
age  of  IT  auditors  will  become 
even  more  severe  this  sum¬ 
mer,  when  companies  begin 
testing  their  systems  for  Sec¬ 
tion  404  readiness  in  earnest. 

That  could  pose  a  problem 
for  many  companies  because 
accounting  and  consulting 
firms  are  actively  recruiting 
IT  auditors  from  the  cus¬ 
tomers  they’re  working  with, 


said  Stan  Lepeak,  an  analyst 
at  Meta  Group  Inc. 

“I  think  a  lot  of  IT  depart¬ 
ments  are  going  to  be  late  [in 
complying],  partly  because 
they  started  late  but  also  be¬ 
cause  of  competition  from 
external  auditors,”  he  said. 
“Companies  will  face  some  se¬ 
rious  resource  constraints.” 

Lepeak  and  other  observers 
said  some  experienced  IT  au¬ 
ditors  are  commanding  salary 
increases  of  25%  or  more  from 
recruiters.  In  other  cases, 
companies  are  offering  only 
marginal  salary  increases  but 
are  trying  to  entice  auditors 
with  big  sign-on  bonuses. 

Pam  Downham,  technology 
and  risk  services  people 
leader  at  Ernst  &  Young,  said 
her  company  has  increased 
the  head  count  in  its  IT  risk 


ket,”  said  Jeff  Barnett,  market 
strategy  manager  at  IBM’s 
storage  software  group.  “And 
your  Version  1  product  is  nev¬ 
er  as  good  as  your  third  itera¬ 
tion.  I  think  we’ve  blown  them 
away  in  capability,  and  they 
will  probably  never  catch  up.” 

But  Mark  Lewis,  executive 
vice  president  of  open  soft¬ 
ware  at  EMC,  said  during  an 
interview  at  last  week’s  user 
conference  that  his  company’s 
virtualization  of¬ 
fering  will  have 
more-robust 
functionality  and 
better  scalability 
than  existing 
products  such 
as  IBM’s. 

“We’ve  taken  a 
lot  more  time  than  other  com¬ 
panies  that  have  tried  to  race  a 
product  to  market,”  Lewis 
said.  “I’m  not  worried  about 
time  to  market  on  this  one.” 

He  added  that  the  storage 
virtualization  market  is  still 
immature  and  is  being  hyped 
by  other  vendors. 

EMC’s  storage  router  will 
support  VMware’s  technology, 
be  built  around  industry  stan¬ 
dards  and  be  compatible  with 
storage  switches  from  Brocade 
Communications  Systems  Inc., 
Cisco  Systems  Inc.  and  Mc- 
Data  Corp.,  Lewis  said. 

Russ  Rosen,  CIO  at  online 
furniture  retailer  Rooms  To 


Go  Inc.  in  Seffner,  Fla.,  said  he 
plans  to  install  SAN  Volume 
Controller  next  month  to  mir¬ 
ror  data  from  an  IBM  Shark 
disk  array  in  his  main  data 
center  to  one  of  IBM’s  FAStT 
midrange  storage  devices  at  a 
disaster  recovery  site. 

“You  actually  have  better 
performance  writing  trans¬ 
actions  directly  to  the  SVC 
rather  than  to  the  storage  de¬ 
vice  itself,”  Rosen  said.  “We 

have  several  thou¬ 
sand  transactions 
that  happen  in  our 
warehouse  man¬ 
agement  system, 
and  we  didn’t 
want  to  lose  track 
[of  any]  and  have 
to  rebuild  trans¬ 
actions.” 

Rosen  added  that  with  SAN 
Volume  Controller  in  place,  he 
expects  “to  be  able  to  just  flip 
over  the  [frame-relay]  circuits 
to  the  disaster  recovery  site 
and  have  it  come  right  up.” 

Rick  Villars,  an  analyst  at 
IDC  in  Framingham,  Mass., 
said  he  expects  both  IBM  and 
EMC  to  aim  their  virtualiza¬ 
tion  software  at  data  migra¬ 
tion  uses  in  addition  to  the 
pooling  of  capacity  on  multi¬ 
vendor  SANs.  For  example,  he 
said,  the  tools  could  be  used  to 
move  applications  to  backup 
servers  while  new  systems  are 
being  installed.  046560 


FUTURE  TECHNOLOGY 

EMC  execs  outlined  a  long-term 
development  plan  that  includes 
a  common  user  interface  for  all 
of  its  software: 

O  QuickLink  46561 
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practice  by  30%  over  the  past 
10  months.  It  has  also  more 
than  doubled  the  number  of 
recruiters  who  are  working  for 
the  group  from  eight  to  18 
since  last  August. 

Downham,  who  is  based  in 
Indianapolis,  added  that  the 
IT  risk  unit  still  has  nearly  200 
openings  that  it’s  trying  to  fill 
by  June  30.  “We  continue  to 
hire  like  crazy,”  she  said,  de¬ 
clining  to  disclose  the  IT 
group’s  total  head  count. 

Unlike  Y2k  work,  Sarbanes- 
Oxley  compliance  efforts  are 
expected  to  be  an  ongoing  ex¬ 
ercise  in  which  companies  will 
have  to  document  their  inter¬ 
nal  controls  on  a  quarterly  ba¬ 
sis  and  have  them  certified  by 
external  auditors  annually. 


As  a  result,  there  likely 
won’t  be  a  sudden  drop-off  in 
demand  for  auditors  the  way 
there  was  for  Cobol  program¬ 
mers  after  Jan.  1, 2000.  “There 
will  be  a  bit  of  a  bump  [in  de¬ 
mand]  over  the  next  12  to  18 
months,”  Lepeak  said.  “But 
you’ll  still  need  IT  auditors 
around  to  address  changes 
that  occur  in  the  business.” 

“A  year  ago,  I  talked  to  a 
guy  who  said  that  [Sarbanes- 
Oxley]  would  become  the  ‘full 
employment  act’  for  accoun¬ 
tants  and  lawyers,”  said  Carter 
Priess,  CEO  of  Pace  Solutions 
Inc.,  an  IT  auditing  consultan¬ 
cy  in  Danvers,  Ill.  “My  impres¬ 
sion  today  is  that  SOX  is  the 
full  employment  act  for  IT 
auditors.”  O  46577 


NEW  PRODUCT 


Extreme  Upgrades  Switch 
Software,  Adds  Scalability 


ExtremeWare  X0S 
Version  11.0 

Extreme  Networks  Inc. 

-  I 

■  PRODUCT  SUMMARY:  Santa 
Clara,  Calif. -based  Extreme  today 
plans  to  announce  the  latest  ver¬ 
sion  of  the  operating  system  for 
its  switches.  Extreme  said  the  up¬ 
grade  is  more  scalable  than  the 
current  Version  10.1,  and  it  sup¬ 
ports  open  application  program¬ 
ming  interfaces  and  XML-based 
data,  as  well  as  virtualized 
switching  and  routing.  The  new 
release  will  also  run  on  PC-based 
softswitches  from  Extreme  and 
other  vendors.  In  addition,  it  of¬ 
fers  improved  protection  against 
denial-of-service  attacks. 

■  USER  EXPERIENCE:  Over  the 
next  two  weeks,  Sun 
Microsystems  Inc. 
plans  to  install 
Extreme's  Black- 
Diamond  10K  core 
network  switches 
with  the  latest  op¬ 
erating  system  re¬ 
lease  in  its  Santa 
Clara  data  center, 
which  runs  load 
and  performance 
tests  involving 
thousands  of  Sun 
servers.  Version 


11.0  looks  to  be  resilient  enough  to 
give  technicians  the  ability  to  re¬ 
load  software  test  modules  without 
any  system  downtime,  said  Dean 
Nelson,  a  test  lab  manager  at  Sun. 
“We’re  an  Extreme  and  Cisco 
house,  but  what  I  needed  with  the 
new  Extreme  OS  was  scalability 
and  expandability  and  perfor¬ 
mance,”  Nelson  said. 

■  ANALYST  ASSESSMENT:  The 

biggest  value  of  ExtremeWare  11.0 
isn’t  new  functionality  but  the  fact 
that  Extreme  is  building  a  flexible 
operating  system  that  will  let  devel- 
i  opment  partners  easily  build  appli¬ 
cations  in  areas  such  as  voice  over 
IP  and  intrusion  detection,  said  IDC 
analyst  Abner  Germanow. 

I  -OTHER  VENDORS  IN  THE 
MARKET :  Cisco  Systems  Inc.  and 
Foundry  Networks  Inc., 
among  others. 

■  PRICE:  Included  with 
Extreme’s  switches;  the 
BlackDiamond  10K  se¬ 
ries  starts  at  $100,900. 

■  AVAILABILITY:  Due 

for  release  with  the 
BlackDiamond  switches 
(in  photo)  in  June  and 
with  other  products  later 
in  the  year.  ©  46549 
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BPM  Moves  Beyond  Business 
Intelligence,  Hyperion  CEO  Says 

Claims  user  focus  is  shifting  to  apps 
like  forecasting  and  financial  planning 


BY  MARYFRAN  JOHNSON 

CHICAGO 

Hyperion  Solu¬ 
tions  Corp.  last 
week  held  its  an¬ 
nual  user  confer¬ 
ence  here,  its  first 
since  the  Sunny¬ 
vale,  Calif,  com¬ 
pany  acquired 
query  and  re¬ 
porting  tools 
vendor  Brio  Software  Inc.  in 
October.  At  the  conference, 
Hyperion  CEO  Jeffrey  Rodek 
spoke  with  Computerworld 
about  developments  in  the  mar¬ 


ket  for  decision-support  soft¬ 
ware,  such  as  business  intelli¬ 
gence  and  business  performance 
management  tools. 

When  it  comes  to  using  business 
intelligence  or  BPM  tools  across  a 
corporate  enterprise,  what  kind  of 
impact  are  you  seeing  on  the  rela¬ 
tionship  between  the  CIO  and  the 
CFO?  Today,  these  larger  enter¬ 
prise  systems  —  whether  it’s 
our  Essbase  or  a  large  [finan¬ 
cial]  consolidation  system  — 
are  often  IT’s  way  into  the 
business.  So  IT  is  part  of  the 
evaluation,  part  of  the  solution 


and  ends  up  partnering  with 
the  CFOs.  The  CFOs  realize 
that  if  they’re  going  to  be 
change  agents  for  their  com¬ 
panies  and  affect  things  other 
than  just  for  the  finance  peo¬ 
ple,  they  need  their  partner, 
the  CIO,  to  help  them  do  that. 

Do  you  think  users  are  clear  on  the 
distinctions  between  BPM  and 
business  intelligence?  Not  yet, 
no.  People  use  different  terms 
to  describe  this  whole  area, 
and  sometimes  they  say  BPM, 
but  a  lot  of  times  they  don’t. 
What  they  do  say  is,  “I  want 
more  accurate  data,”  “I  want  to 
get  better  insight,”  or  “I  want 
the  ability  to  plan  and  model 
on  the  fly.”  All  of  that  is  busi¬ 


ness  performance  manage¬ 
ment.  To  do  BPM,  you  need  to 
do  rolling  forecasts,  financial 
consolidation,  customer  and 
product  profitability  calcula¬ 
tions.  You  can’t  just  say, 
“[Show  me]  sales  by  cus¬ 
tomer,”  which  is  what  people 
think  of  when  they  say  BI. 

All  this  talk  lately  about  the  tech 
spending  upturn  -  are  you  seeing 
evidence  of  it?  I  think  it’s  a  little 
bit  real.  The  bigger  thing  for 
us  is  to  grab  a  bigger  market 
share  and  not  just  wait  around 
for  the  total  IT  spend  to  go  up. 
There’s  no  reason  we  can’t  get 
to  be  three  times  as  big  as  we 
are  today. 

BI  dashboards,  or  portals,  are 
gaining  momentum,  but  many 
companies  struggle  with  the  cul¬ 
tural  issues  of  getting  end  users  to 
actually  adopt  them.  Do  you  see 


that  with  your  own  customers? 

Yes.  You  see  it  in  two  ways. 
One  is  in  trying  to  wean  them 
off  that  spreadsheet.  They  say, 
“Don’t  take  away  my  Excel!” 
So  with  a  lot  of  the  dash¬ 
boards,  you  make  them  look 
like  Excel.  The  second,  bigger 
thing  is  the  cultural  transfor¬ 
mation.  One  of  the  presenta¬ 
tions  here  at  the  conference, 
for  instance,  was  on  dash¬ 
boards  for  the  sales  force.  At 
first,  when  the  sales  force  saw 
the  dashboard,  they  thought  it 
was  great.  Then  they  started 
realizing  how  the  executives 
could  look  at  it  and  see  every¬ 
thing  in  their  pipeline.  That 
was  a  big  change.  ©  46505 


READ  MORE  ONLINE 

For  an  extended  version  of  our  interview 
with  Rodek,  go  to  our  Web  site: 

QuickLink  46491 
www.computerworld.com 


SECU 

Thankfully  that  cost  is  low  with  the  new  Firebox9  X  -  the  integrated,  expandable  network 
security  appliance  that  delivers  the  highest  security  at  the  lowest  total  cost  of  ownership. 
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FREE  NETWORK  11  Reality  Checks  to 
SECURITY  GUIDE  Help  the  CEO  ‘CYA’ 


Get  yours  by  visiting  www.watchguard.com/cwcya 
or  by  calling  1-877-732-8780. 
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Dillard’s  department  stores  found  a  real  bargain. 
Xerox  assessed  and  streamlined  their  company-wide  work 
processes  and  printing  needs,  saving  them  $1.6  million. 

There’s  a  new  way  to  look  at  it. 


Learn  more:  Merox.com/learn  For  a  sales  rep:  1-800-ASK-XEROX  ext.  LEARN 
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Lawson  Maps  Out  a  More 
User-friendly  ERP  Strategy 


Apps  vendor  vows  to 
improve  software 
reliability,  IT  services 

BY  MARC  L.  SONGINI 

Looking  to  boost  its  ability  to  compete 
with  the  major  ERP  vendors,  Lawson 
Software  Inc.  hopes  to  attract  new 
users  and  keep  its  existing  ones 
through  a  renewed  focus  on  its  verti¬ 
cal-market  strategy  and  increased 
attention  to  customer  care. 

In  a  phone  interview  from  Lawson’s 
annual  user  conference  in  Atlanta,  CEO 
Jay  Coughlan  said  his  company  “needs 
to  break  away  from  the  peer  group” 
of  its  ERP  rivals.  To  that  end,  St.  Paul, 
Minn.-based  Lawson  will  embark  on 
“a  1,000-day  journey”  to  improve  soft¬ 
ware  stability,  expand  its  services  offer¬ 
ings  and  help  users  make  the  business 
process  changes  associated  with  ERP 
projects,  Coughlan  said.  “We  need  to 
raise  the  bar  dramatically,”  he  added. 

Although  Coughlan  offered  few  de¬ 
tails,  he  said  Lawson  is  looking  to  do 
things  such  as  eliminate  the  need  for 
software  patches,  add  analytical  so¬ 
phistication  to  its  suite  of  applications 
and  broaden  its  offerings  for  individual 
industries,  specifically  the  health  care 
and  public-sector  markets. 

Coughlan’s  message  hit  home  with 
users  such  as  Barry  Bonds,  vice  presi¬ 
dent  and  applications  manager  at 
Northern  Trust  Corp.  in  Chicago.  The 
financial  services  firm  runs  a  heavily 
customized  version  of  Lawson  Finan¬ 


cials  8.02  on  Sun  Microsystems  hard¬ 
ware  with  an  Oracle9i  database,  and 
Bonds  said  Northern  Trust’s  IT  staffers 
would  like  application  upgrades  to  be 
more  streamlined. 

The  company’s  IT  team  has  had  to 
deal  with  “an  overwhelming  amount 
of  documentation”  during  upgrades  — 
sometimes  as  much  as  600  pages  of 
information,  Bonds  said  from  Lawson’s 
Conference  and  User  Exchange  2004 
event. 

In  addition,  because  of  Northern 
Trust’s  customizations,  patches  can  re¬ 
quire  extensive  testing  to  ensure  that 
there  are  no  glitches.  Bonds  said  Law¬ 
son’s  announcement  made  him  “cau¬ 
tiously  optimistic”  that  future  up¬ 
grades  will  be  more  automated  “so  I 
don’t  have  to  wade  through  all  that.” 

Lawson’s  increased  focus  on  quality 
could  also  help  free  up  IT  resources, 
said  Robert  Smith,  software  adminis¬ 
trator  at  the  Harford  County  Public 
Schools  in  Bel  Air,  Md.  “It  sounds  like 
a  cliche,  but  we’re  always  doing  more 
with  less  people,”  Smith  said. 

Last  November,  the  Harford  schools 
completed  an  upgrade  from  Version  7 
of  Lawson’s  ERP  suite  to  Version  8.03. 
Noting  that  some  patches  can  create 
problems  with  other  parts  of  the  appli¬ 
cations  when  they’re  installed,  Smith 
said  the  school  system  had  to  set  up  a 
separate  test  environment  to  check  the 
potential  effects  of  patches  and  make 
sure  that  all  critical  functions  still 
worked  properly  —  something  he  con¬ 
siders  “unreasonable.”  ©  46516 


CEO  Looks  to  Do  Away  With  Patches 


Jay  Coughlan,  Lawson's  presi¬ 
dent  and  CEO,  spoke  with  Com- 
puterworld  from  the  vendor's  user 
conference.  Excerpts  follow: 

Can  you  give  concrete  exam¬ 
ples  of  what’s  coming  as  part 
of  the  plan  you  announced  at 
the  conference?  Out  of  the 
chute,  we  had  a  quality  product  in 
Lawson  8.1.  Going  forward,  we 
need  better  quality.  We  need  to  change 
the  way  customers  do  patches.  Well  start 
with  the  fact  that  they  should  not  have 
to  do  patches.  Patches  are  no-value- 
added  work.  Our  goal  is  to  eliminate 


that  in  less  than  1,000  days. 

How  do  you  stand  in  the  mar¬ 
ket  against  giants  such  as  Ora¬ 
cle  and  SAP?  Big  doesn't  neces¬ 
sarily  mean  better.  There’s  no  in¬ 
centive  for  Oracle  or  SAP  to 
change  the  game.  They  are  the 
game.  What  incentive  do  they 
have  to  raise  their  standards? 

-  Marc  L  Songini 
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Dillard’s  department  stores  hire  over  10,000  people  a 
year.  Storing  and  retrieving  application,  training  and 
benefits  packets  had  become  costly.  So  Dillard’s  bought 
into  something  smart:  a  Xerox  Office  Document 
Assessment  (ODA). 

Xerox  examined  their  work  process  across  all 
14  Dillard’s  business  units  and  recommended  key 
improvements. 

First,  all  analog  copiers,  stand-alone  printers 
and  fax  machines  were  replaced  by  Xerox 
DocumentCentre®  multifunction  systems.  Then  Xerox 
DocuShare®  was  installed  on  Dillard’s  network. 

This  cross-platform  document  system,  along  with  Xerox 
imaging  software,  digitized  key  business  processes. 

Now,  instead  of  storing  and  distributing  hard  copy 
documents  with  each  new  hire,  store  managers  go 
online  for  hiring  packets  and  print  forms  on  the  spot. 
No  paper  inventory.  No  outdated  information.  $1.6 
million  saved.  To  see  what  you  can  save,  call  us  or  visit 
our  website. 


Learn  more:  xerox.com/learn 

For  a  sales  rep:  1-800-ASK-XEROX  ext.  LEARN 
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Like  most  oblivious  users,  I’ve  never 
given  much  thought  to  spyware.  I’ve  al¬ 
ways  shrugged  it  off  as  just  another  slimy 
advertising  gimmick  in  an  online  world 
chock-full  of  them.  But  as  any  security 
expert  will  tell  you,  anybody  who  surfs  the  Net  has 
spyware  on  his  machine. 

Whatever  you  call  it  — 
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adware,  sneakware  or 
snoopware  —  spyware  is 
a  catch-all  term  for  any 
hidden  software  pro¬ 
gram  that  surreptitiously 
monitors  your  Web  ac¬ 
tivities  or  gathers  data 
without  your  knowledge. 

At  its  most  harmless, 
spyware  tracks  your  Web 
shopping  pathways  and 
gives  marketers  new 
numbers  to  crunch.  At 
its  most  toxic,  it  may  be  monitoring 
your  keystrokes,  installing  programs, 
scanning  files  or  even  turning  on  a 
webcam  to  secretly  film  you. 

Yet,  until  recently,  spyware  has 
been  seen  as  mainly  a  consumer, 
home-user  concern  —  a  perpetual 
hot  button  among  privacy  advocates, 
but  hardly  a  significant  corporate  IT 
security  risk.  That  view  is  changing, 
however,  and  once  you  read  Robert  L. 
Mitchell’s  “Spyware  Sneaks  Into  the 
Office”  (page  23,  and  online  at  Quick- 
Link  45702),  you’ll  see  why.  The  sto¬ 
ry  makes  a  strong  case  for  paying  at¬ 
tention  to  this  menacing  but  silent 
invader  of  corporate  networks. 

What  kind  of  menace  are  we  talk¬ 
ing  about?  For  starters,  spyware  is 
doing  the  following: 

■  Interfering  with  regulatory  compliance 
efforts.  Companies  must  comply  with 
a  complex  legal  web  of  privacy  regu¬ 
lations  and  data  protection  man¬ 
dates  today.  When  spyware  is  loose 
in  your  environment,  you  can  no 
longer  guarantee  that  corporate  in¬ 
formation  is  secure.  Unauthorized, 
untested  software  on  corporate  lap¬ 
tops  basically  blows  a  hole  in  your 
carefully  crafted  security  policies. 


■  Generating  even  more 
spam.  When  spyware  finds 
e-mail  addresses,  it  oblig¬ 
ingly  sends  them  back  out 
over  the  Internet  to  be 
traded,  shared  or  sold  to 
spammers.  Users  clueless 
enough  to  click  on  prod¬ 
uct  ads  within  the  spam 
may  be  downloading  ad¬ 
ditional  spyware. 

■  Devouring  network  re¬ 
sources.  One  LAN  admin¬ 
istrator  quoted  in  our  sto¬ 
ry  discovered  multiple  spyware  pro¬ 
grams  running  on  200  desktop  PCs 
when  he  investigated  complaints 
about  lousy  network  performance 
and  proliferating  pop-up  ads.  When 
his  ever-helpful  users  tried  to  block 
the  pop-ups  by  downloading  free¬ 
ware  to  do  the  job,  even  more  spy- 
ware  rode  in  with  the  free  software. 

Ah,  freeware.  Or  not-so-free  ware, 
as  it  turns  out.  Bundling  in  adware 


programs  is  all  part  and  parcel  of  the 
way  distributors  make  money  on 
freeware  [QuickLink  46458],  Exhibit 
A  is  the  wildly  popular  Kazaa  Media 
Desktop,  a  kitchen-sink  collection  of 
peer-to-peer  file  sharing  services  that 
also  delivers  multiple  adware  pro¬ 
grams  (and  much  worse).  If  down¬ 
loading  freeware  isn’t  already  out¬ 
lawed  in  your  company,  it  should  be. 

Which  brings  us  to  the  human  ele¬ 
ment  in  this:  the  already-overworked 
IT  staffs,  and  their  managers,  who 
don’t  think  it’s  that  big  of  a  deal. 

“There’s  not  enough  senior  man¬ 
agement  buy-in  to  the  problem,”  says 
one  security  manager  at  a  financial 
services  company.  “Our  hands  are  full 
just  handling  the  antivirus  stuff.”  Yet 
the  antivirus  vendors  have  to  tread 
lightly  when  it  comes  to  blocking  ad¬ 
vertisements  because  of  lawsuit 
threats  from  the  ad  vendors.  Legisla¬ 
tion  is  even  less  likely  to  help,  though 
many  will  be  watching  the  impact  of 
Utah’s  controversial  Spyware  Control 
Act,  which  goes  into  effect  today. 

In  the  meantime,  our  story  has 
plenty  of  advice  about  how  to  eradi¬ 
cate  spyware,  and  much  of  it  dove¬ 
tails  with  good  security  practices. 
Maybe  users  like  me  can  afford  to  re¬ 
main  oblivious,  but  IT  managers 
can’t.  It’s  time  to  answer  the  spyware 
wake-up  call.  ©  46539 


WHEN  mixed  with 

money,  IT  is  a  drug. 

The  combo  makes 
ordinarily  sane  people  forget 

their  past.  The  toxic  cocktail  unleashes 
a  tidal  wave  that  washes  away  all  com¬ 
mon  sense. 

Think  I’m  kidding? 

Just  check  out  the  giddy  display  of 
amnesia  sweeping  the  investment 
community  over  the  initial  public  of¬ 
fering  of  Mountain  View,  Calif.-based 
search  engine  company  Google. 

Remember,  we’re  not  talking  jet  en¬ 
gines  here.  Jet  engines  are  almost 
worthless  compared  with  the  expected 
$25  billion  valuation  for  Google.  At 
that  price,  Google  is  worth  more  than 
Lockheed  Martin.  That  quaint  maker 
of  flying  machines  produced  revenue 
of  $31.8  billion  last  year,  selling  such 
things  as  F-16  fighter 
jets  and  gearing  up 
for  the  new  Joint 
Strike  Fighter  pro¬ 
gram.  Lockheed 
Martin  may  have 
130,000  employees, 
but  its  $20.8  billion 
market  cap  is  only 
on  paper. 

„  Speaking  of  gaper,  | 

Google  is  likely  to  be 
worth  more  than  In¬ 
ternational  Paper, 
which  has  a  stock 

market  valuation  of  $20.9  billion.  But 
then,  who  wants  to  own  all  those  dirty 
factories  filled  with  employees  when 
you  can  be  sitting  in  a  nice,  clean  office 
sipping  coffee?  Unfortunately,  that  won’t 
do  either,  since  Google  is  worth  more 
than  all  of  Starbucks’  lattes  and  aged 
Sumatra  coffees.  The  king  of  caffeine 
might  operate  more  than  7,500  retail 
stores,  but  it’s  valued  at  just  $15.5  billion. 

Of  course,  none  of  this  bothers 
Credit  Suisse  First  Boston  or  Morgan 
Stanley,  the  lead  underwriters  that  will 
be  selling  the  Google  swill  to  a  willing 
public.  The  investment  bankers  stand 
to  make  about  $100  million  flogging  a 
company  whose  main  product  is  wide¬ 
ly  used  and  often  imitated.  No,  it 
shouldn’t  bother  them,  but  it  should 
bother  those  who  throw  around  terms 
such  as  value. 

In  a  wider  sense,  it  isn’t  hard  to 
place  Google  alongside  Netscape,  the 
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leader  of  last  century’s  Internet  hype. 
Nor  is  it  difficult  to  connect  Google 
with  its  bankers,  Credit  Suisse  First 
Boston,  whose  former  wunderkind, 
Frank  Quattrone,  now  sits  in  the  dock, 
charged  with  obstruction  of  justice  in 
relation  to  IPO  abuses. 

But  that’s  all  in  the  past,  right? 

People  have  recovered  from  their 
hangovers  from  tech  excess.  If  they  can 
afford  Google,  they  can  surely  buy  lots 
of  Alka-Seltzer.  Bayer,  the  German 
maker  of  Alka-Seltzer,  is  inexpensive 
alongside  Google,  with  just  $18  billion 
in  market  value. 

If  this  argument  sounds  old  fash¬ 
ioned  in  its  failure  to  take  into  account 
the  newer  New  Economy,  well  I  guess 
it  is.  Google  could  well  Find  its  place  in 
the  ranks  alongside  eBay  and  Yahoo, 
the  only  Internet  companies  with  larg¬ 
er  market  caps  ($53  billion  and  $37.8 
billion,  respectively)  than  the  one  ex¬ 
pected  for  Google.  But  you  can  forget 
about  comparing  Google’s  eventual 
stock  market  capitalization  with  AOL’s. 
Time  Warner  dropped  AOL  from  its 
name  several  months  ago  because  it 
wasn’t  adding  value  to  the  company. 

You  might  want  to  remember  that 
piece  of  news  when  they  hand  out  the 
Internet  drugs  this  time.  ©  46444 

DAVID  MOSCHELLA 

Corporate 
Innovation 
And  the  CIO 

Like  clockwork,  al¬ 
most  exactly  four  years 
after  the  bursting  of  the 

Internet  bubble  in  March 
2000,  the  pendulum  has  begun  to 
swing  back  toward  IT  innovation  and 
progress.  While  boardroom  skepticism 
clearly  remains,  the  limits  of  nega¬ 
tivism  have  been  reached,  and  compa¬ 
nies  are  increasingly  looking  once 
again  at  top-line  growth.  Assuming 
that  war  and  terrorism  don’t  shatter 
the  current  recovery,  we  can  be  rea¬ 
sonably  confident  that  the  voice  of 
technology  will  again  be  heard. 

Although  IT  spending  and  IT  inno¬ 
vation  aren’t  the  same  thing,  they 
clearly  have  a  strong  correlation,  and 
there  has  rarely  been  significant  IT  in¬ 
novation  without  additional  spending 
—  even  if  the  converse  isn’t  necessarily 
true.  Despite  the  bruises  of  recent 


years,  most  companies 
know  that  in  order  to  grow, 
at  some  point  they  must 
start  doing  some  things  dif¬ 
ferently.  And  it’s  increasing¬ 
ly  true  that  there  are  few 
major  business  changes  or 
innovations  that  don’t  have 
a  significant  IT  component. 

For  these  reasons,  the 
CIO  should  typically  be  at 
the  heart  of  corporate  inno¬ 
vation.  But  is  this  the  case  in 
your  organization?  In  recent 
years,  many  IT  organiza¬ 
tions  have  lost  their  image 
as  business  innovators,  and 
in  many  companies,  the  internal  IT 
systems  and  infrastructure  are  seen  as 
barriers  to  innovation,  not  enablers. 
The  fact  that  so  many  companies  have 
chosen  CIOs  whose  primary  back¬ 
ground  is  outside  of  IT  can  only  be 
seen  as  a  serious  indictment  of  the  IT 
profession  and  as  clear  evidence  that 
too  many  IT  professionals  have  failed 
to  gain  the  respect  of  their  business 
colleagues. 

Will  things  be  any  different  this  time 
around?  All  of  our  experience  suggests 


that  the  IT  business  tends 
to  evolve  in  cycles  and  that 
each  of  these  cycles  has  its 
defining  themes  and  dy¬ 
namics.  We  know  we’ve 
been  through  the  bubble 
and  postbubble  eras,  but 
how  will  the  next  three  to 
four  years  be  character¬ 
ized?  Some  people  are  call¬ 
ing  this  period  “the  new 
normal,”  but  clearly  the  fu¬ 
ture  will  be  more  specific 
than  that. 

From  an  IT  management 
perspective,  the  next  few 
years  will  be  the  formative 
period  for  establishing  the  long-term 
relationship  between  IT  and  business 
innovation.  If  corporate  IT  doesn’t 
emerge  as  a  true  business  peer  and 
partner,  it  probably  never  will,  and 
many  IT  organizations  will  lose  con¬ 
trol  of  emerging  applications  and  be 
relegated  to  support  activities.  This 
will  make  them  far  more  likely  to  be 
the  subjects  of  outsourcing  or  similar 
rearrangements. 

As  we  enter  this  new,  seemingly 
more  positive  phase,  actual  and  would- 


be  IT  leaders  might  want  to  continual¬ 
ly  ask  themselves  the  following  basic 
questions: 

■  Does  your  company  have  a  specif¬ 
ic  and  widely  understood  business- 
innovation  strategy? 

■  How  does  IT  fit  into  this  strategy? 

■  Does  your  IT  organization  have  a 
culture  that  supports  and  rewards 
business  collaboration  and  innovation? 

■  Do  your  customers  and  suppliers 
play  an  important  role  in  any  such 
processes? 

■  Does  your  company’s  executive 
team  look  to  IT  management  as  a 
major  resource  for  potential  ideas? 

If  your  answers  to  these  questions 
are  mostly  positive,  congratulations. 

If  not,  some  sort  of  remedial  action  is 
probably  recommended.  IT  manage¬ 
ment  now  has  the  opportunity  to  re¬ 
pair  much  of  the  damage  of  recent 
years.  How  well  it  responds  will  likely 
have  significant  ramifications  for  many 
years  to  come.  ©  46393 
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Want  Fixes  or  Not? 

WE  IT  FOLKS  ARE  FICKLE. 

Just  a  year  ago  or  so,  we 
were  complaining  that  Microsoft 
wasn't  treating  security  issues  seri¬ 
ously,  Now  that  Microsoft’s  being 
serious,  releasing  patches  as  soon 
as  it  can,  are  we  complaining  that 
it’s  too  serious  [“Microsoft  Draws 
User  Ire  With  Its  Latest  Release  of 
Patches,"  QuickLink  46247]? 

I  like  the  idea  that  Microsoft  is 
issuing  patches  with  such  effort 
and  frequency  regardless  of  timing 
and  potential  damage  to  its  reputa¬ 
tion.  I  just  hope  it  can  keep  this  up 
and  doesn’t  give  in  to  the  complain- 
ers.  Sure,  these  patches  are  evi¬ 
dence  of  holes  due  to  products 
sometimes  being  rushed  to  market, 
sloppy  coding  and  testing,  or  what¬ 
ever.  But  the  fact  is  that  Microsoft  is 
plugging  the  holes,  and  its  willing¬ 
ness  to  do  what’s  right  has  a  lot 
more  merit  in  my  eyes. 

I  do  have  one  suggestion  for 
Microsoft  regarding  these  patches, 
though:  How  about  providing  an 
easy-to-use  tool  for  organizing  and 
deploying  them? 

Dave  Shipman 

IT  manager,  Concord,  Mass. 


According  to  Microsoft’s 
Stephen  Toulouse,  issuing  the 
20  patches  “was  the  best  solution 
for  our  customers."  Wrong!  The  best 
solution  for  your  customers,  Mr. 
Toulouse,  is  to  drop  Microsoft  and 
go  with  an  alternative  server  operat¬ 
ing  system  that  was  built  from  the 
ground  up  to  handle  the  Internet 
and  security. 

Jerry  Walter 
Troy,  Ohio 

CONSUMERS  should  never  be 
alerted  to  download  fixes  that 
haven’t  been  made  available.  Get¬ 
ting  them  to  check  Windows  Up¬ 
date  once  is  hard  enough.  Try  get¬ 
ting  them  to  go  back  repeatedly  for 
the  same  issues.  Yet  Microsoft 
points  fingers  at  consumers  who 
are  too  “lazy"  to  keep  their  systems 
current.  Hmm. 

Jim  Mussiewhite 
Consultant,  Olympia,  Wash. 

IT  SEEMS  TO  ME  the  complainers 
have  nothing  to  complain  about.  If 
the  software  code  is  defective,  it  will 
need  to  be  patched.  You  can  either 
keep  current  with  the  patches  or 
keep  busy  repairing  damage  that 
the  lack  of  patches  creates,  and 


then  install  the  patches  anyway.  The 
Internet  and  IP  weren’t  made  for 
user  security,  durability  and  privacy, 
and  it  may  be  a  decade  or  more  be¬ 
fore  we  get  to  some  level  of  user 
needs.  Put  your  time  and  energy 
into  keeping  current  with  the  patch¬ 
es:  this  is  the  cheapest  way  out  until 
software  and  the  IP  improves. 

Gene  Thomas 
Senior  consultant, 

Telecom  Consult,  Atlanta, 
genethomas@att.net 


Wi-Fi  Overload 

OH  BOY,  yet  another  “national” 
Wi-Fi  network  [’’McDonald’s  to 
Supersize  Use  of  Wi-Fi  Connec¬ 
tions,"  QuickLink  46251],  So,  let’s 
see.  If  I  want  an  espresso  and  some 
Web  surfing,  I’ll  go  to  Starbucks  and 
sign  up  for  T-Mobile  HotSpot.  When 
I  need  some  magazines  and  have  to 
check  my  e-mail,  it’s  off  to  Barnes  & 
Noble,  where  I  must  sign  up  for 
Cometa  Hotspot.  All  this  signing  up 
makes  me  hungry,  so  I  stop  at  Mc¬ 
Donald's,  but  I  have  to  sign  up  for 
Wayport  if  I  want  Wi-Fi  there.  (And  I 
guess  my  Cometa  Hotspot  that  was 
usable  at  McDonald’s  in  Washing¬ 
ton  will  no  longer  work  there.) 


As  a  consumer,  I’ll  pick  one  plan 
(Cometa  seems  the  most  affordable 
right  now  in  Seattle),  patronize 
those  retailers  where  I  can  use  it, 
avoid  those  with  competing  sys¬ 
tems  because  there  are  too  many 
Wi-Fi  hands  trying  to  get  into  my 
wallet,  and  look  for  those  indepen¬ 
dent  retailers  that  offer  free  Wi-Fi  as 
a  service  to  their  customers. 

Retailers  take  note:  You'll  likely 
build  more  business  traffic  by  not 
fragmenting  the  Wi-Fi  market.  Take 
a  lesson  from  Visa  and  MasterCard 
vs.  store-branded  credit  cards. 

John  Driggers 

Seattle,  john__driggers@ 

hotmail.com 
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INTO  THE  OFRCE 

Once  viewed  as  simply  a  consumer 
desktop  problem,  spyware  is  increasingly 
viewed  as  a  corporate  liability  that  IT 
has  to  address.  BY  ROBERT  L.  MITCHELL 


Bruce  Edwards  began  to  un¬ 
derstand  that  spyware  was 
more  than  a  consumer  PC 
problem  when  his  users 
started  complaining  loudly  about  poor 
performance  and  an  increase  in  pop¬ 
up  ads.  But  it  wasn’t  until  after  he’d 
checked  all  of  his  organization’s  PCs 
that  Edwards  understood  the  full  scope 
of  the  problem. 

“My  customer  workstations  were 
really  gummed  up,”  says  Edwards, 

LAN  administrator  at  the  Administra¬ 
tive  Office  of  the  Courts  in  Little  Rock, 
Ark.  All  200  machines  in  his  offices 
were  running  a  wide  range  of  spyware, 
and  many  were  running  multiple  pro¬ 
grams.  The  programs  ran  in  the  back¬ 
ground  without  the  users’  knowledge, 
downloading  information  on  Web  surf¬ 
ing  activities  and  uploading  advertis¬ 
ing  in  the  background  for  use  in  pop¬ 
up  ads.  As  the  volume  of  these  hidden 
programs  grew,  they  began  using  up 
system  resources  and  choking  off  net¬ 
work  bandwidth.  Annoyed  with  all  the 
pop-up  ads,  some  users  downloaded 
free  pop-up  blocker  programs  that  in¬ 
stalled  even  more  spyware. 

Spyware  programs  discreetly  install 
themselves  on  PCs,  establish  a  back 
channel  over  which  to  download  infor¬ 
mation  about  the  user  and  typically 
upload  advertisements  —  often  over 
HTTP  Port  80.  Programs  designed 
specifically  to  deliver  targeted  adver¬ 
tising  are  also  called  adware.  But  ad¬ 
ware  and  other  types  of  software  that 
install  without  the  user’s  explicit  con¬ 


sent  and  establish  background  commu¬ 
nications  —  including  surveillance 
programs,  key  loggers,  remote  control 
tools  and  Trojans  —  are  also  described 
as  spyware. 

Companies  have  traditionally 
viewed  spyware  as  a  nuisance  that’s 
best  handled  by  desktop  support 
groups.  But  IT  organizations  are  begin¬ 
ning  to  view  it  as  a  security  risk  as  well 
because  spyware  is  becoming  more 
common  and  the  programs  are  grow¬ 
ing  more  sophisticated. 

Edwards  used  PestPatrol,  a  spyware 
scanning  and  removal  tool,  to  clean  up 
the  mess.  But  the  big  issue  for  him  isn’t 
system  performance  or  productivity¬ 
sapping  pop-ups  —  it’s  the  uneasy  feel¬ 
ing  that  these  programs  have  opened 
an  unauthorized  communication  chan¬ 
nel  that  could  put  sensitive  court  docu¬ 
ments  at  risk.  He  worries  that,  in  addi¬ 
tion  to  downloading  data  on  Web  surf¬ 
ing  activity,  a  spyware  program  may 
capture  user  log-in  and  password  infor¬ 
mation,  or  that  a  benign  adware  pro¬ 
gram  may  provide  a  communications 
pathway  that  could  be  hijacked  for  up¬ 
loading  more  malicious  software. 

Analysts  say  that  while  some  adware 
programs  simply  monitor  Web  surfing 
activity  and  serve  up  annoying  pop-up 
ads,  others  could  be  stealing  e-mail  ad¬ 
dresses  and  passwords,  allowing  back¬ 
ground  downloads  of  more  malicious 
software,  or  sending  sensitive  data  to 
competitors.  “We  think  the  capability 
to  do  that  is  there,”  says  John  Pesca- 
tore,  an  analyst  at  Stamford,  Conn.- 
based  Gartner  Inc. 

Getting  In 

Spyware  applications  may  install 
themselves  after  a  user  clicks  on  a 
pop-up  dialog  box,  opens  an  e-mail  at¬ 
tachment  or  downloads  freeware.  In 
some  cases,  unpatched  Windows  ma¬ 
chines  may  be  vulnerable  to  “drive-by” 
attacks,  in  which  malicious  code  em¬ 
bedded  in  a  viewed  Web  site  exploits 
Internet  Explorer  vulnerabilities  and 
lax  security  settings  to  install  itself 
without  the  user  clicking  on  anything. 

As  spyware  accumulates,  it  con- 
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sumes  increasing  amounts  of  re¬ 
sources.  A  single  program  may  install 
upward  of  300  files  and  make  500  reg¬ 
istry  entries,  says  Roger  Thompson, 
vice  president  of  development  at  Pest- 
Patrol  Inc.  in  Carlisle,  Pa. 

Spyware  programs  may  also  be  used 
in  corporate  espionage.  Thor  Larholm, 
senior  security  researcher  at  network 
security  tool  vendor  PivX  Solutions 
LLC  in  Newport  Beach,  Calif.,  says  a 
hacker  stole  one  company’s  trade  se¬ 
crets  by  using  an  adware  program’s 
communications  channel  to  plant  a 
Trojan  on  corporate  desktops. 

The  adware  was  set  up  to  communi¬ 
cate  with  the  adware  producer’s  Web 
page  in  order  to  retrieve  new  advertise¬ 
ments.  The  attacker  used  a  “man-in- 
the-middle”  attack  to  alter  the  Web 
page  with  malicious  code  that  could 
exploit  an  Internet  Explorer  vulnerabil¬ 
ity  on  unpatched  Windows  machines. 


1.  Keep  Windows  and  Internet  Explor¬ 
er  patches  up  to  date. 

2.  Keep  desktop  antivirus  software 
signatures  up  to  date. 

3.  Issue  and  enforce  strict  policies 
on  user  Web  surfing  and  downloading 

ar.tiuitiPA 

4 .  Use  a  Web  content  filtering  pro-  ; 

gram  to  monitor  user  activity  and  block 
access  to  Web  sites  commonly  used  to 
disseminate  spyware.'  ;  '  ‘  - 

5. 

lapt  . 


desktop.. 


jyegres- 

0.  Configure  an  e-mail  gateway  to 
block  all  executable  e-mail  attach-  . ; ;  . 

-  - . merits. 

7.  Don't  give  Windows  users  local 

■  admin  privileges. 

8,  Test  Service  Pack  2  for  immediate 
deployment  on  ail  VVindows  XP 


friftcfcines. 


S,  Creme  a  list  of  known  good 
ActiveX  controls  and  block  all  others. 
Lists  are  available  from  Symantec,  ; 
PivX  and  other  security  vendors. 

10.  Qs|  commercial  anfispyware  soft¬ 
ware  io  detect  and  remove  existing  spy- 
ware  programs.  Look  for  improved  tools 
that  can .■Identify  all  types  of  spyware, 
including  commercial  programs  thai 
include  end -user  licensing  agreements. 
Expect  to  see  anfispyware  programs 
v/ftti  centralizedmapagement  and  con- 
l  rc  - ;  ca  tures  by  gear’s  end. 


Because  the  target  company’s  PCs  were 
vulnerable,  the  attacker  was  able  to  in¬ 
stall  the  backdoor  program.  “By  hijack¬ 
ing  the  adware  traffic,  he  gained  access 
to  five  machines,”  Larholm  says.  The 
attacker  spent  two  months  collecting 
trade  information  and  data  on  new 
projects  before  the  hole  was  detected 
and  closed.  The  lesson,  Larholm  says: 
“Any  kind  of  unknown  code  running 
on  desktops  is  a  liability.” 

Reports  of  such  nightmare  scenarios 
are  rare,  but  they  worry  Sean,  a  securi¬ 
ty  engineer  at  a  large  financial  services 
company  who  asked  that  his  full  name 
and  company  not  be  used.  “I  don’t 
think  we  deal  with  [spyware]  the  way 
we  should.  I  think  it’s  going  to  get 
worse,”  he  says.  A  disruption  in  day-to- 
day  workflows  caused  by  spyware 
“could  translate  into  big  bucks”  for  his 
company,  he  adds.  But  until  a  major  in¬ 
cident  occurs,  Sean  doubts  his  organi¬ 
zation  will  act.  “There’s  not  enough  se¬ 
nior  management  buy-in  to  the  prob¬ 
lem.  Our  hands  are  full  just  handling 
the  antivirus  stuff,”  he  says. 

Preventive  Measures 

Keeping  spyware  out  isn’t  easy,  users 
and  vendors  say.  Antivirus  software 
and  Web  content  filters  can  help.  But 
preventing  spyware  problems  also  re¬ 
quires  installation  of  desktop  firewall 
software  on  every  Windows  machine 
to  detect  and  block  attempts  to  install 
spyware,  whether  by  the  user  or 
through  the  social  engineering  tricks 
spyware  creators  play  to  get  users  to 
click  on  a  misleadingly  worded  pop-up 
window.  It  requires  rigorous  patching 
and  updating  of  Windows  and  Internet 
Explorer  vulnerabilities.  And  it  re¬ 
quires  the  blocking  of  all  executable 
e-mail  file  attachments. 

Another  way  to  thwart  spyware 
downloads  is  by  giving  Windows  XP 
users  restricted  access  rather  than  full 
administrator  access  to  their  local  ma¬ 
chines.  “Linux  users  would  never  run 
the  computer  as  root  and  read  e-mail 
. . .  but  that’s  what  Windows  users  do 
all  the  time,”  says  Mikko  Hypponoen, 
antivirus  research  director  at  San  Jose- 
based  F-Secure  Inc.  Many  spyware  pro¬ 
grams  simply  can’t  install  if  the  user 
doesn’t  have  local  admin  rights. 

“In  talking  with  large  companieson 
a  weekly  basis  . . .  I’m  surprised  how 
many  still  provide  users  with  full  ad¬ 
min  privileges  on  the  desktop,”  says 
Candace  Worley,  product  manager  for 
McAfee  VirusScan.  Sean,  at  the  finan¬ 
cial  services  company,  acknowledges 
that  many  of  the  more  than  100,000 
employees  in  his  organization  have  full 
admin  rights  to  their  machines.  But,  he 


says,  “it’s  not  practical  to  lock  down 
the  desktop  completely,”  because  users 
demand  some  flexibility. 

Patching  is  critical,  but  it  won’t 
block  all  exploits,  says  Larholm,  who 
until  recently  provided  a  list  of  un¬ 
patched  Internet  Explorer  vulnerabili¬ 
ties  on  the  PivX  Web  site.  That  list 
once  had  32  entries.  “Today  I  would  es¬ 
timate  that  there  are  still  14  unpatched 
vulnerabilities.  About  half  of  those  al¬ 
low  for  command  execution.  About 
half  of  the  remaining  ones  allow  cross¬ 
domain  scripting,”  says  Larholm.  Mi¬ 
crosoft  Corp.’s  upcoming  Service  Pack 
2  will  remedy  many  of  those,  he  says. 

SP2  is  expected  to  create  application 
compatibility  issues,  but  Gartner’s 
Pescatore  recommends  implementing 
it  as  soon  as  possible.  “We’ll  see  a  pret¬ 
ty  high  incidence  of  breakage,  but  it’s 
one  you  should  be  doing,”  he  says. 

Still,  SP2  won’t  help  Sean’s  company. 
It’s  still  using  Version  5.5.  of  Internet 
Explorer,  he  says,  noting  that  many 
large  corporations  aren’t  using  the 
most  up-to-date  versions  of  their  Web 
browsers  “because  newer  versions  can 
break  intranet  applications.” 

Pete  Simpson,  ThreatLab  manager  at 
Reading,  England-based  Clearswift 
Ltd.,  which  sells  Web  and  e-mail  con¬ 
tent  filters,  says  blocking  all  executable 
file  attachments  is  critical  because 
antivirus  software  doesn’t  always  de¬ 
tect  embedded  spyware. 

Pete  Munro,  network  manager  at  a 
U.K.-based  vertical-market  software 
vendor,  once  intercepted  an  e-mail  file 
attachment  purporting  to  be  a  wedding 
invitation.  If  executed,  the  attachment 
would  have  installed  a  copy  of  iSpy- 
Now,  a  commercial  surveillance  spy- 
ware  program.  Says  Munro,  who  asked 
that  his  company  not  be  named,  “Our 
source  code  is  very  valuable.  If  anyone 
stole  it,  changed  it  or  deleted  it,  that 
could  cause  us  a  lot  of  trouble.” 

Munro  blocked  the  attachment  at 
the  e-mail  gateway.  Users  are  also  pro¬ 


tected  by  not  having  local  admin  privi¬ 
leges  on  their  machines.  Munro  says 
he’s  glad  the  gateway  did  its  job  be¬ 
cause  his  antivirus  scanner  ignored  the 
attachment.  “From  their  point  of  view 
it’s  a  commercial  program,”  he  says. 

Such  programs  are  clearly  a  threat, 
yet  most  antivirus  tools  and  even  some 
antispyware  programs  don’t  detect 
commercial  software  and  adware  that 
include  end-user  license  agreements. 

“Vendors  producing  different  types 
of  advertisement  software  are  threat¬ 
ening  to  sue  us  because  we’re  making 
them  look  bad,”  says  Hypponoen.  To 
avoid  such  issues,  he  says  his  company 
provides  signatures  only  for  malicious 
programs  used  for  “criminal  intent.” 
Both  Network  Associates  Inc.  and 
Symantec  Corp.  have  begun  to  add 
some  spyware-detection  capabilities  to 
their  corporate  offerings,  but  both 
struggle  with  the  same  issues.  “The 
Symantecs  and  McAfees  have  been 
very  slow  to  add  spyware  capabilities, 
and  it’s  not  clear  to  me  why  —  because 
it’s  a  big  problem,”  says  Pescatore. 

Ultimately,  IT  organizations  don’t 
care  whether  spyware  programs  are  le¬ 
gitimate  adware,  commercial  surveil¬ 
lance  programs  or  malware.  They  need 
to  know  about  anything  that’s  not  part 
of  the  standard  system.  “If  you  have 
tons  of  spyware  on  your  machines, 
you’re  letting  other  companies  use 
your  private  property  to  earn  money. 
That’s  a  big  corporate  liability,”  says 
Larholm.  “If  anyone  should  be  moni¬ 
toring  your  employees  it,  should  be 
you.”  ©  45702 


MORE  ABOUT  SPYWARE 

Legislators  take  notice  of  the  rising  tide  of  spyware: 

QuickLink  45772 


Embedded  spyware  is  often  the  price  users  pay  for 
freeware:  QuickLink  46458 

Enteprise-grade  antispyware  programs  are  still  a  work 
in  progress: 
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Need  Answers  to  Your 
Business  Intelligence  Questions? 

Apply  to  Attend  Computerworld’s  IT  Executive  Summit 
on  Business  Intelligence 


If  you’re  an  IT  executive*  in  an 
end-user  organization,  apply  to 
attend  one  of  Computerworld’s 
upcoming  complimentary  one-day 
summits  on  Business  Intelligence. 

Neither  a  product  nor  a  system, 
Business  Intelligence  (Bl)  is 
an  architecture  -  a  collection  of 
interrelated  operational  and 
business  performance  measurement 
applications  and  databases. 

The  only  way  to  succeed  with  Bl 
applications  is  to  understand  their 
complexity,  their  cross-organizational 
nature,  the  needs  of  knowledge 
workers,  your  competition,  your 
market,  and  customer  trends. 

This  summit  will  give  you  a 
comprehensive,  one-day  overview  - 
and  will  arm  you  with  the  latest 
thinking  and  tools  to  make  the 
right  investments  in  Bl. 


*  Complimentary  registration 
is  restricted  to  qualified 
IT  executives  only. 
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Panelists:  Bill  Farrow,  CIO  and  EVP,  Chicago  Board  of  Trade:  Richard  Gius,  SVP  of  IT, 
Medical  Products  and  Services.  Cardinal  Health;  Scott  Hicar,  CIO  and  VP,  Worldwide 
Information  Technology,  Maxtor  Corporation;  Shelley  McIntyre,  VP  of  Business 
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Continually  changing 
products  and  standards 
are  adding  confusion  to 
the  process  of  choosing 
wireless  LAN  products. 


Keeping  up  with  new  developments 
in  wireless  LAN  technology  is  get¬ 
ting  tougher.  The  Institute  of  Elec¬ 
trical  and  Electronics  Engineers  Inc. 
seems  to  ratify  a  new  and  improved 
variation  of  its  802.11  WLAN  stan¬ 
dard  every  few  months.  Meanwhile, 
vendors  announce  round  after 
round  of  products  touting  the  latest 
enhancements  —  sometimes  even 
before  the  new  standards  are  final. 
For  IT  managers  looking  to  build 
anew  or  upgrade  an  existing 
WLAN,  keeping  abreast  of  the  choices  isn’t  easy. 

“It’s  a  lot  of  work  to  keep  up,”  says  Carl  Whitman, 
executive  director  of  e-operations  at  American  Uni¬ 
versity  in  Washington.  Last  year,  Whitman  finished  a 
13-month  WLAN  implementation  based  on  11Mbit/ 
sec.  802.11b  technology.  Now  he’s  considering  con¬ 
verting  the  radios  in  some  of  his  Cisco  Aironet  1200 
series  access  points  (AP)  to  the  54Mbit/sec.  802.11g 
standard  to  boost  throughput.  But  Whitman  is  taking 
his  time  sifting  through  the  array  of  choices  that  have 
appeared  on  the  scene  since  he  first  considered 
WLANs  three  years  ago. 

“New  features  and  functions  are  coming  at  a  stag¬ 
gering  rate,”  says  Ron  Seide,  product  line  manager 
for  the  WLAN  networking  business  unit  at  Cisco 
Systems  Inc.  The  good  news  is  that  Cisco  and  other 
vendors  of  enterprise-grade  WLAN  equipment  are 
designing  products  that  often  can  be  upgraded  with 
flash  updates  or  add-in  modules.  “With  software  up¬ 
grades,  you  can  push  the  configuration  file  change 
out  to  your  access  points  without  having  to  touch 
them  again,”  Seide  says. 


Changing  Channels 

Vendors  also  offer  hardware  updates.  For  example, 
users  of  Cisco’s  802.11b  APs  can  convert  to  802.11g 
with  a  $149  swap-out  of  the  unit’s  internal  radio  hard¬ 
ware.  Customers  can  upgrade  units  to  802.11a  for 
$500.  Cisco  also  offers  Aironet  client  adapters  that 
can  run  in  802.11a,  b  and  g  modes. 

Ultimately,  the  ideal  Wi-Fi  architecture  will  be 
multiband,  supporting  both  802.11b  and  g  (which 
operate  at  2.4  GHz  over  three  channels)  and  802.11a 
(which  operates  at  5  GHz  on  up  to  24  channels).  Al¬ 
though  802.11a  isn’t  backward-compatible  with  802.11b 
clients,  in  the  long  term  many  organizations  will  need 
the  extra  channels  available  in  802.11a  to  support 
more  users  at  a  higher  data  rate. 
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But  networks  are  still  likely  to  continue  to  support 
devices  operating  in  both  frequency  ranges.  “It’s  not 
a  2.4  GHz  vs.  5  GHz  battle.  It  will  be  both,  like  an 
AM/FM  radio,”  says  Leigh  Chinitz,  chief  technical 
adviser  at  Proxim  Corp.,  a  WLAN  equipment  vendor 
in  Sunnyvale,  Calif.  “You  will  have  b  and  g  and  a 
running,  and  it  will  be  invisible  to  users.” 

A  mixed  802.11b/g/a  architecture  may  be  the  wave 
of  the  future,  but  not  all  product  offerings  are  there 
yet.  The  current  generation  of  wireless  IP  tele¬ 
phones,  for  example,  supports  only  802.11b.  In  the 
meantime,  for  many  early  adopters  struggling  to  get  a 
handle  on  all  the  changes,  802.11b  works  just  Fine. 

Going  With  Plan  B 

At  Scripps  Health,  a  not-for-profit  health  care  pro¬ 
vider  in  San  Diego,  an  802.11b  WLAN  suits  the  needs 
of  doctors,  nurses,  administrative  staffers  and  pa¬ 
tients  just  fine.  “I  don’t  know  why  we  would  migrate 
yet,”  says  CIO  Jean  Balgrosky.  Scripps  is  just  finish¬ 
ing  outfitting  its  five  hospitals  with  WLANs  —  a 
project  that  cost  $30,000  to  $100,000  per  facility  and 
included  buying  laptops,  Aironet  1230  APs  and  a 
gateway  to  the  wired  network.  Next  on  Balgrosky’s 
agenda  are  Scripps’  12  community  clinics.  The  ambi¬ 
tious  WLAN  implementation,  which  will  also  use 
802.11b  hardware,  will  be  complete  in  August  2005. 

802.11b  throughput  and  reliability  are  sufficient  to 
meet  the  needs  of  the  various  user  groups,  including 
nurses  who  have  Wi-Fi-enabled  laptops  on  carts  that 
they  roll  from  patient  to  patient,  doctors  who  log  in 
from  home  using  their  personal  wireless  devices  and 
patients  who  surf  the  Web  from  their  beds,  according 
to  Balgrosky.  Although  802.11g  APs  don’t  cost  any 
more  than  802.11b  APs,  Balgrosky  says  she  will  stick 
with  the  latter  so  as  not  to  add  complexity  to  the  net¬ 
work.  It  has  sufficient  bandwidth  even  for  download¬ 
ing  compressed  X-ray  images,  and  she  is  loath  to  dis¬ 
turb  the  reliability  and  performance  of  the  802.11b- 
based  architecture  Scripps  has  been  rolling  out. 

As  WLAN  security  continues  to  advance,  Bal¬ 
grosky  has  kept  up  by  adding  a  WLAN  gateway.  But 
she  is  wary  of  proprietary  implementations  that 
could  lock  her  into  a  single  vendor’s  products.  So 
while  Scripps  uses  WLAN  equipment  from  Cisco,  it 
has  a  wireless  gateway  from  another  vendor,  Burling¬ 
ton,  Mass.-based  Bluesocket  Inc.  The  gateway  sits 
between  the  wired  and  wireless  networks,  provid¬ 
ing  authentication,  encryption  and  role-based  access 
to  applications.  “It  gives  us  a  lot  of  flexibility  and 
doesn’t  lock  us  into  one  architecture  or  vendor  as  far 
as  access  points  or  wireless  cards,”  Balgrosky  says. 

Picking  standards-based  technology  is  the  key  to 
her  future-proofing  strategy.  “You  can’t  know  every¬ 
thing  before  you  make  a  move.  You  have  to  be  able  to 
skate  to  where  the  puck  is  going,”  Balgrosky  says. 

“We  can  shift  without  too  much  effort,  once  the  bugs 
[associated  with  the  latest  standards]  are  worked  out.” 

Because  vendors  like  Cisco  and  Proxim  build  a  level 
of  backward  compatibility  into  their  hardware,  up¬ 
grading  from  802.11b  to  802.11g  doesn’t  generally  re¬ 
quire  outside  help.  “It  is  relatively  simple  to  upgrade, 
provided  there  is  adequate  documentation  of  what  is 
deployed,”  says  Tom  Hagin,  vice  president  of  sales  at 
NetXperts  Inc.,  a  WLAN  systems  integrator  in  San 
Ramon,  Calif. 

But  there  is  one  caveat  for  migrations  to  802.11g. 


COMING  ATTRACTIONS: 

Emerging 
WLAN  Standards 


n  An  44  Dim  to  be  ratified  by  the  IEEE  in  June, 

802.116  802.Tle  QoS  specification  is  de¬ 

signed  to  guarantee  the  quality  of 
voice  and  video  traffic.  It  will  be  particularly  important 
for  companies  interested  in  using  Wi-Fi  phones. 


nn n  aa-  Also  called  Wi-Fi  Protected  Access 

O02.11i  2  (WPA  2),  802.TH  is  expected  to  be 

ratified  in  June.  WPA  2  supports  the 
128-bit  Advanced  Encryption  Standard,  along  with  802.1x 
authentication  and  key  management  features. 


...  Due  for  ratification  sometime  next 

802.11k  year' ,he  802.11k  Radio  Resource 

Management  standard  will  provide 
measurement  information  for  access  points  and  switch¬ 
es  to  make  WLANs  run  more  efficiently.  It  may.  for  ex¬ 
ample,  better  distribute  traffic  loads  across  access 
points  or  allow  dynamic  adjustments  of  transmission 
power  to  minimize  interference. 


aaa  44  The  Standard  for  Enhancements 

802.1111  *or  Higher  Throughput  is  designed 

to  raise  the  effective  WLAN  throughput 
to  lOOMbit/sec.  But  the  group  handling  this  task  is  still  in 
the  very  early  stages  of  its  work. 


While  the  real-world  performance  of  upgraded 
WLANs  can  average  about  25Mbit/sec.  when  all 
clients  run  802.11g,  the  performance  of  the  entire  net¬ 
work  drops  to  802.11b  levels  of  5M  to  6Mbit/sec. 
when  any  802.11b  client  device  logs  on.  “When  oper¬ 
ating  in  mixed  mode,  there  is  a  throughput  hit  associ¬ 
ated  with  that  backward  compatibility,”  says  Cisco’s 
Seide.  This  can  come  as  an  unwelcome  surprise  if 
planners  haven’t  anticipated  it. 


Sorting  Out  the  Options 

Beyond  simple  upgrade  issues,  many  companies 
need  help  sorting  through  WLAN  architecture  alter¬ 
natives.  “We  get  a  lot  of  calls  to  help  people  under¬ 
stand  the  ramifications  of  their  choices,”  says  Hagin. 
Security  is  always  an  important  consideration,  and 
most  companies  want  a  flexible  architecture  that  will 
give  them  the  option  to  run  voice  as  well  as  data  over 
the  WLAN. 

Voice  over  WLANs  is  a  hot  topic,  especially  in 
industries  like  health  care,  academia,  public  transit 
and  manufacturing,  which  have  been  on  the  forefront 
of  WLANs.  Running  wireless  IP  phones  over  a  WLAN 
can  reduce  phone  bills,  especially  for  operational  and 
building  maintenance  personnel  who  tend  to  be 
heavy  users  of  cell  phones  or  walkie-talkies. 

At  the  other  end  of  the  spectrum,  businesses  in  oth¬ 


er  industries,  such  as  financial  services,  are  only  start¬ 
ing  to  investigate  wireless.  Only  about  35%  of  Fortune 
1,000  companies  have  deployed  WLANs,  says  Stephen 
Elliot,  an  analyst  at  market  research  firm  IDC.  Most  of 
those  companies  have  finished  wireless  pilots  and  are 
pondering  whether  —  and  how  —  to  wade  in. 

Companies  with  a  blank  WLAN  slate  want  to  pick 
network  hardware  that  will  be  secure,  easy  to  man¬ 
age  and  able  to  evolve  with  future  developments.  For 
example,  all  new  equipment  should  have  a  migration 
path  for  supporting  the  802.11e  quality-of-service 
standards  (which  should  be  finalized  later  this  year) 
for  future  voice-over-IP  applications. 

Whether  an  organization  is  upgrading  or  starting 
from  scratch,  all  decisions  should  flow  from  what 
will  run  on  the  WLAN.  “Are  you  looking  at  a  true 
multiservice  wireless  network  that  could  include 
voice,  data  and  possibly  video?  Who  needs  access?  It 
all  goes  back  to  what  applications  you  will  be  run¬ 
ning,”  says  Hagin.  Integrators  will  conduct  such  as¬ 
sessments  for  a  fee.  For  example,  NetXperts  typically 
charges  between  $1,600  and  $60,000  for  a  compre¬ 
hensive  site  survey.  As  part  of  the  process,  techni¬ 
cians  set  up  a  temporary  wireless  network  and 
record  room  sizes  and  monitor  signal  strength  while 
polling  users  to  determine  their  bandwidth  needs. 

Companies  also  need  to  examine  WLAN  usage 
trends  and  security  policies  and  procedures.  And 
budget  prioritization  is  a  critical  piece  of  any  WLAN 
project.  “You  only  have  so  much  money  that  you  can 
spend.  You  have  to  deploy  certain  areas  before  oth¬ 
ers,  and  there  are  political  issues  with  that,”  says 
Todd  Krupa,  communications  officer  for  information 
and  access  technology  services  at  the  University  of 
Missouri-Columbia. 

The  university  has  an  802.11b  network  and  uses 
Wavelink  Mobile  Manager  from  Wavelink  Corp.  in 
Kirkland,  Wash.,  for  centralized  WLAN  management. 
Krupa  plans  to  upgrade  50  buildings  to  802.11a  in  the 
next  12  to  18  months  while  continuing  to  run  802.11b  in 
others.  He  doesn’t  expect  the  transition  process  to  be 
a  big  deal  for  users,  since  students  tend  to  arrive  each 
year  with  the  latest  technology.  “In  18  months,  it  is 
very  likely  they  will  have  a/b/g  notebooks,  especially 
since  those  are  already  on  the  market  now,”  he  says. 

Far  bigger  than  the  technology  choices,  Krupa 
believes,  are  the  nontechnical  issues.  For  example, 
since  he’s  in  a  university  setting,  he  can’t  control  use 
the  way  a  business  might.  “Those  have  to  be  campus¬ 
wide  decisions,”  Krupa  says.  He  recommends  hav¬ 
ing  a  wireless  communications  plan  to  convey  usage 
and  security  policies  and  manage  performance 
expectations. 

IDC’s  Elliot  agrees.  “You  need  to  do  a  deeper 
analysis  of  what  this  technology  can  bring.  It’s  not 
always  going  to  be  positive,”  he  says.  “Those  who 
don’t  get  access  —  or  don’t  get  it  first  —  are  not 
going  to  be  happy.”  ©  46174 


Paul  is  a  freelance  writer  in  Newton,  Mass. 
You  can  reach  her  at  laurenpaul@attbi.com. 


WIRELESS  SECURITY  WOES 

Vendor  squabbles  are  creating  confusion  around  the  adoption  of 
WPA  2,  the  emerging  802.11i  standard  for  Wi-Fi  security: 
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XSL 

g  DEFINITION  '  ft 

I  Extensible  Stylesheet  Language  ||| 
J  <XSL)  is  a  family  of  languages  if 
p  and  specifications  designed  for  g 
B  laying  out  and  presenting  XML  1 
documents  and  data  in  speci- 
m  fied  formats  appropriate  for  the  1 
If  final  output  medium  or  device.  9 


BY  RUSSELL  KAY 

arkup  languages 
have  been  around 
since  1969,  when 
three  IBM  research¬ 
ers  created  the  Generalized 
Markup  Language.  That  was 
the  grandfather  of  Hypertext 
Markup  Language  (HTML), 
which  makes  the  Web  work, 
and  of  Extensible  Markup 
Language  (XML),  which  has 
become  the  primary  means  of 
defining,  storing  and  format¬ 
ting  data  in  a  multitude  of 
areas,  including  documents, 
forms  and  databases. 

At  the  heart  of  these  lan¬ 
guages  is  a  system  called  tag¬ 
ging,  where  text  or  data  is 
marked  by  indicators  enclosed 
in  angled  brackets,  always  at 
the  beginning  <tag>  and  often 
at  the  end  </tag>. 

HTML  pages  use  standard¬ 
ized,  predefined  tags.  For  ex¬ 
ample,  <p>  means  a  paragraph, 
<hl>  means  a  header  and  <b> 
followed  by  </b>  means  the 
enclosed  text  is  to  be  bold. 
Web  browsers  interpret  these 
tags  and  format  the  text  ac¬ 
cordingly  when  they  display 
the  pages  on-screen. 

With  XML,  however,  pro¬ 
grammers  can  make  up  tags, 
and  browsers  have  no  built-in 
way  of  knowing  what  the  tags 
mean  or  what  to  do  about  them. 
Further  complicating  matters, 
we  can  use  tags  to  describe 
data  itself  (content)  or  to  give 
formatting  instructions  (how  to 


display  or  arrange  an  element). 

For  instance,  <table>  could 
refer  to  a  matrixlike  arrange¬ 
ment  of  items  on  an  HTML 
page,  or  it  could  signify  a  piece 
of  furniture.  This  flexi¬ 
bility  makes  XML  pow¬ 
erful,  but  it  confuses 
the  distinction  between 
content  and  format. 

In  order  to  display 
XML  documents  use¬ 
fully,  we  need  a  mechanism 
that  identifies  and  describes 
the  meaning  of  formatting  tags 
and  shows  how  they  affect 
other  parts  of  the  document. 


Past  mechanisms  have  includ¬ 
ed  the  Document  Style  Se¬ 
mantics  and  Specification  Lan¬ 
guage,  and  Cascading  Style 
Sheets  [QuickLink  19839].  Both 
have  now  been  ex¬ 
tended  and  super¬ 
seded  by  Extensible 
Stylesheet  Language,  a 
standard  recommend¬ 
ed  by  the  World  Wide 
Web  Consortium 
(W3C)  in  2001. 

XSL  provides  a  comprehen¬ 
sive  model  and  vocabulary  for 
writing  stylesheets  using  XML 
syntax.  It  is  used  to  define 


how  to  transform  an  XML  file 
into  a  format  (such  as  HTML) 
that  a  browser  can  recognize 
and  understand. 

XSL  can  add  elements  to  the 
output  file  or  remove  or  ig¬ 
nore  existing  elements.  It  can 
rearrange  and  sort  the  ele¬ 
ments,  test  and  make  decisions 
about  which  elements  to  dis¬ 
play,  and  a  lot  more. 

Components  of  XSL 

XSL  is  actually  a  family  of 
three  tools  produced  by  the 
W3C’s  XSL  Working  Group: 
XPath,  XSLT  and  XSF-FO. 

■  XPath,  or  XML  Path  Lan¬ 
guage,  is  used  to  specify  the 
parts  of  an  XML  document 
that  will  be  transformed  by 
XSL  Transformations  (XSLT). 
XPath  interprets  an  XML  doc¬ 
ument  as  a  hierarchical  tree  of 
nodes,  which  can  include  ele¬ 
ments,  attributes  or  text.  The 
hierarchical  tree  is  called  the 
source-node  tree. 

■  XSLT  describes  how  to  fil¬ 
ter  or  convert  (transform) 
XML  documents  into  other 
types  of  XML  documents,  in¬ 
cluding  XSL  Formatting  Ob¬ 
ject  (XSL-FO)  files.  An  XSLT 
stylesheet  contains  a  set  of 
template  rules  for  transform¬ 
ing  a  source  tree  by  matching 
a  pattern  against  elements  in 
the  source  tree.  When  a  match 
is  found,  the  rules  are  used  to 
create  a  new  node  in  the  result 
tree.  The  result  tree’s  struc¬ 
ture  can  be  completely  differ- 
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are  applied  to  the  result-node  tree, 
creating  an  XSL-FO  result  file. 
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ent  from  that  of  the  source 
tree  because  elements  can  be 
filtered  and  reordered  and  ar¬ 
bitrary  structure  added.  An 
XSLT  stylesheet  is  like  a  so¬ 
phisticated  search-and-replace 
routine. 

■  XSL-FOs  are  instructions 
that  define  exactly  how  a  doc¬ 
ument  will  be  formatted  for  a 
specific  medium  or  device. 

For  a  document  to  be  printed, 
formatting  objects  can  include 
characters,  blocks  of  text,  im¬ 
ages,  tables,  borders,  master 
pages  and  the  like. 

XSL-FO  specifies  various 
layout  rules  (e.g.,  where  page 
breaks  can  occur)  and  require¬ 
ments  (e.g.,  placement  of  foot¬ 
notes),  but  the  XSL-FO  file  it¬ 
self  doesn’t  determine  exactly 
where  each  element  is  posi¬ 
tioned.  That’s  done  by  a  sepa¬ 
rate  formatting  engine  that  in¬ 
terprets  the  file. 

XSL-FO  isn’t  restricted  to 
printed  pages  and  on-screen 
appearance;  it  can  also  specify 
audio  reproduction,  for  exam¬ 
ple.  Confusingly,  XSL-FO  is 
sometimes  referred  to  as  XSL. 

Why  XSL? 

XSL  is  designed  for  repetitive 
situations  where  documents 
are  dynamically  generated  and 
formatted  on  demand,  not  for 
documents  that  require  a  cre¬ 
ative  professional  to  modify 
the  layout,  content  and  typog¬ 
raphy  to  get  an  acceptable  (al¬ 
beit  static)  result.  XSL  is  thus 
an  ideal  fit  for  documents  that 
have  to  be  output  in  a  variety 
of  formats  and  on  many  differ¬ 
ent  types  of  devices,  ranging 
from  printers  and  computer 
screens  to  handhelds  and 
phones.  O  46274 


Kay  is  a  Computerworld  con¬ 
tributing  writer  in  Worcester, 
Mass.  Contact  him  at 
russkay@charter.net. 


MORE  ON  XSL 


For  a  list  of  additional  resources  about  XSL, 
visit  our  Web  site: 


O  QuickLink  46275 

www.computerworid.com 


Are  there  technologies  or  issues  you’d  like 
to  learn  about  in  QuickStudy?  Send  your 
ideas  to  quickstudy@computerworld.com 


To  find  a  complete  archive  of  our 
QuickStudies,  go  online  to 

©  computerworld.com/quickstudies 


A  server  engineered  to  deliver  on  both  sides  of  the  price/performance  equation. 


The  HP  ProLiant  DL380  G3  gives  you  true  high  performance  at  a  truly  affordable  price,  while  our  Intel®  Xeon™ 

processor-powered  HP  ProLiant  DL380  G3  server  certainly  offers  blazing  performance,  the  engineers  behind  it  would  challenge  you  to  rethink  the  definition 
of  performance  entirely.  Consider,  for  example,  what  happens  when  you  need  to  add  a  storage  device  to  a  typical  server  — the  server  must  be  powered 
down,  and  your  productivity  drops  to  zero.  This  fact  led  us  to  design  hot-pluggable  technology  on  the  DL380  that  allows  you  to  swap  out  a  number  of  key 
server  components,  including  the  reliable  and  efficient  HP  DAT  7 2h  tape  backup  solution  without  ever  interrupting  server  operation.  The  DL380  and  DAT  72h 
also  feature  space-saving  designs,  and  server  management  is  easy  yet  robust  thanks  to  our  ProLiant  Essentials  Software.  Demand  more  uptime  and  more  real 
performance  from  a  server.  And  demand  more  value,  from  HR 


HP  ProLiant  DL380 
G3  SERVER 

$3,018 

One  Intel®  Xeon™  processor  3.06GHz  with 
512KB  cache  (upgradable  to  2  x  3.20GHz) 

1GB  PC2100DDR  SDRAM  (12GB  maximum)' 

Integrated  Lights-Out  (iLO) 
management  (standard) 

ServerWorks  GC-LE  Chipset 
Integrated  Smart  Array  5i  Plus  Controller 
Three  available  PCI-X  slots  (2  hot  pluggable) 
Two  NC7781  PCI-X  Gigabit  NICs  (embedded) 


Enhance  your  system. 


HP  STORAGE  WORKS  DAT  72  h 

HOT- PLUG  TAPE  DRIVE 

-  Industry-standard  DDS  technology 

-  Up  to  36GB  native  capacity  on  a  single 
tape,  72GB  at  2:1  compression* 

—  HP  StorageWorks  One-Button  Disaster 
Recovery  (OBDR)  restores  your  entire 
system  at  the  touch  of  a  button 

—  Up  to  3MB/s  native  data  transfer  rate, 
6MB/s  with  2:1  compression 

$1,349 

(after  $150  instant  savings) 


m 


n  v  e  n  t 


*HP  StorageWorks  DAT  72h  offer  good  through  5/31/04. 


BUY  NOW 

Click,  www.hp.com/go/proliantesg2 

Call  Toll  Free 

1-888-367-1949 


Reductions  taken  at  time  of  purchase.  *HP  StorageWorks  DAT  72h  hot-piug  tape  drive  offer  ends  5/31/04.  Other  restrictions  may  apply.  Prices  shown  are  HP  direct  prices;  reseller  and  retail  prices  may  vary.  Prices  shown  are  subject  to  change 
and  do  not  include  applicable  state  and  local  taxes  or  shipping  to  recipient's  address.  Limited  order  quantities.  Offers  cannot  be  combined  with  any  other  offer  or  discount  and  are  good  while  supplies  last.  Promotions  void  where  prohibited  or 
restricted  by  law.  HP  reserves  the  right  to  modify  or  withdraw  these  promotions  at  any  time.  HPFSC  reserves  the  right  to  change  or  cancel  this  program  at  any  time  without  notice.  ’For  hard  drives,  GB=billion  bytes.  All  featured  offers 
available  in  U.S.  only.  Intel,  Intel  Inside,  the  Intel  Inside  logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  U.S.  and  other  countries.  ©2004  Hewlett-Packard  Development  Company,  L.P. 
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Back  Door  Puts 
Vendor  on  Hot  Seat 


Notification  of  a  hidden  back  door  in  a  wireless 
LAN  product  leads  to  some  hard  questions 
during  a  vendor  sales  call.  By  Vince  Tuesday 


IT’S  not  polite  to  poke  fun 
at  your  vendors,  but  during 
a  recent  meeting  with  our 
Cisco  reps,  I  couldn’t  re¬ 
sist.  We  had  the  reps  in  for  a 
chat  about  some  of  Cisco’s  lat¬ 
est  security  products  and  our 
planned  wireless  LAN  deploy¬ 
ment.  But  my  team  and  I  had 
questions  for  them  after  read¬ 
ing  news  reports  of  a  security 
problem  with  their  Wireless 
LAN  Solution  Engine 
and  Hosting  Solution 
Engine  products 
[QuickLink  46058]. 

According  to  the 
stories,  if  you  authen¬ 
ticate  with  a  certain 
username  and  pass¬ 
word  coded  into  some  ver¬ 
sions  of  those  products,  you 
can  take  over  the  system.  In 
other  words,  the  products 
have  a  back  door. 

In  my  experience,  there  are 
three  kinds  of  back  doors: 
those  introduced  by  lazy  de¬ 
velopers,  those  put  in  by 
clever  hackers  and  those  put 
in  by  stupid  hacker/develop¬ 
ers.  As  we  met  with  the  Cisco 
reps,  I  wondered  which  cate¬ 
gory  best  described  their 
problem. 

If  you’re  a  hacker  and  you 
manage  to  break  into  a  box, 
how  do  you  make  sure  you  can 
come  back  when  you  like?  The 
owner  will  likely  patch  the 
hole  you  used.  If  you  add  your 
own  normal  account,  it  might 
be  spotted  and  turned  off,  so 
instead  you  slip  in  a  back  door. 
Provide  the  correct  username 
and  password,  and  you’re  in. 

If  you’re  a  lazy  developer 
and  can’t  be  bothered  to  set  up 
and  remember  usernames  and 
passwords  on  all  of  your  sys¬ 
tems,  you  might  embed  them 
into  the  development  code  so 


that  you  have  a  way  into  every 
system  for  debugging  and  fix¬ 
ing  problems.  This  may  be  ac¬ 
ceptable  in  prerelease  code 
but  should  be  removed  from 
the  final  product. 

A  not-so-smart  hacker/ 
developer  might  leave  a  back 
door  to  use  later.  But  a  hard¬ 
coded  username  and  password 
would  be  an  unlikely  choice 
for  such  a  back  door.  It  would 
be  quite  obvious 
within  the  code,  and 
product  managers 
could  use  even  the 
most  basic  change- 
control  systems  to 
quickly  identify  who 
added  it. 

A  clever  hacker/developer, 
however,  might  include  a  sub¬ 
tle  buffer  overflow  or  race 
condition  so  that  if  it  was  dis¬ 
covered,  he  could  say  it  was  a 
programming  error.  Given  the 
high  number  of  buffer  over¬ 
flows  in  current  software 
products,  a  few  deliberately 
slipped  in  are  hardly  going  to 
stand  out. 

To  be  fair,  Cisco  isn’t  the 
first  company  to  be  hit  with 
this  problem,  and  it  did  issue 


Given  the  apologetic 
faces  and  mumbling 
around  the  table 
when  we  poked  fun 
at  these  security 
flaws,  I’m  pretty 
sure  this  has  caused 
some  changes. 


patches  right  away.  During  my 
early  days  in  this  business, 
back  doors  were  a  big  worry. 
The  one  built  into  sendmail, 
for  example,  was  high  on 
every  auditor’s  checklist.  Sup¬ 
posedly,  the  program’s  author 
got  tired  of  wasting  time  try¬ 
ing  to  help  people  who  had 
been  unable  to  get  his  soft¬ 
ware  working,  so  he  installed  a 
back  door  that  let  him  connect 
to  the  remote  system  by  sim¬ 
ply  typing  “wiz.”  The  system 
would  reply  “Please  pass,  oh 
mighty  wizard”  and  provide  a 
root  prompt  so  he  could  diag¬ 
nose  and  repair  e-mail  deliv¬ 
ery  problems. 

But  Cisco  really  shouldn’t 
have  let  this  slip  through.  The 
company  is  a  leading  network 
security  vendor,  so  if  this 
problem  was  caused  by  a  lazy 
coder,  why  didn’t  Cisco  catch 
it  in  the  code  review?  Given 
the  apologetic  faces  and  mum¬ 
bling  around  the  table  when 
we  poked  fun  at  these  security 
flaws,  I’m  pretty  sure  this  has 
caused  some  changes  within 
the  Cisco  product  teams.  I 
doubt  that  we’ll  be  seeing  this 
kind  of  problem  again. 

The  Tables  Turn 

When  I’ve  not  been  in  meet¬ 
ings  poking  fun  at  errors  on 
the  vendor  side,  I’ve  been  in 
meetings  where  vendors  have 
poked  fun  of  and  taken  advan¬ 
tage  of  our  mistakes. 

We’ve  been  working  for  ages 
on  an  upgrade  to  our  desktop 
antivirus  scan  engines.  All  the 
new  systems  we  build  have 
the  latest  engine,  and  all  the 
systems  have  up-to-date  virus 
signatures.  But  those  signa¬ 
tures  aren’t  enough  to  defeat 
virus  infections. 

The  scan  engine  tells  the 
antivirus  tool  where  and  how 
to  look  for  extracts  of  files 
that  should  be  compared  with 
the  signatures.  So  if  a  virus 
has  found  a  new  place  to  hide, 
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or  Microsoft  has  changed  the 
format  of  an  Office  document, 
you’ll  need  an  updated  engine. 

I  suspect  that  some  vendors 
also  release  new  engines  as  a 
kind  of  planned  obsolescence, 
forcing  users  to  upgrade.  Our 
current  vendor  is  certainly 
taking  advantage  of  our  delays 
in  completing  our  upgrade. 

Although  the  current  signa¬ 
tures  work  with  our  old  en¬ 
gine,  that  product  has  reached 
the  end  of  its  life.  The  vendor 
currently  charges  us  tens  of 
thousands  of  dollars  per  quar¬ 
ter  for  signature  updates  for 
the  old  engine.  I  suppose, 
however,  that  this  is  a  small 
price  to  pay  when  you  consid¬ 
er  the  alternatives:  a  painful, 
forced  rush  to  finish  the  up¬ 
grades,  or  running  without 
antivirus  software  at  all. 

The  last  time  this  happened, 
a  few  years  ago,  paying  for  sig¬ 
nature  updates  gained  us  ac¬ 
cess  to  a  special  FTP  down¬ 
load  site  containing  signatures 
that  were  supposedly  checked 
and  tested  for  our  older  scan 
engine.  But  those  files  had  ex¬ 
actly  the  same  checksums  as 
the  generally  available  ones. 

At  least  the  vendor  had  put  on 
a  decent  show  for  us.  This  time 
around,  it  dispensed  with  the 
charade.  The  vendor  just  asked 
us  to  pay  the  money  and  told 
us  to  download  signature  files 
from  the  same  generally  avail¬ 
able  site  everyone  else  uses. 

Of  course,  we  don’t  have  to 
pay.  We  could  just  download 
the  current  signature  files  and 
use  them,  but  we  aren’t  that 
kind  of  company.  Given  that 
we’re  paying,  it  seems  a  bit  im¬ 
polite  for  the  vendor  to  rub  in 
the  fact  we  aren’t  getting  any¬ 
thing  more  for  our  money. 
Then  again,  given  that  Cisco 
knew  about  and  had  rectified 
the  backdoor-password  prob¬ 
lem,  perhaps  it  was  impolite  of 
us  to  rub  that  in.  So  I  guess 
we’re  even.  I 

WHAT  DO  YOU  THINK? 

This  week’s  journal  is  written  by  a  real 
security  manager,  “Vince  Tuesday,"  whose 
name  and  employer  have  been  disguised 
tor  obvious  reasons.  Contact  him  at  vince. 
tuesday@hushmail.com,  or  join  the  dis¬ 
cussion  in  our  forum.  QuickLink  a1590 

To  find  a  complete  archive  of  our 
Security  Manager’s  Journals,  go  online  to 

©  computerworld.com/secjournal 


Security  Bookshelf 

■  Malicious  Cryptography: 
Exposing  Cryptovirology,  by 
Adam  L.  Young  and  Moti  Yung; 
John  Wiley  &  Sons 
Inc.,  2004. 

Cryptography  has 
been  the  great  sav¬ 
ior  of  information  se¬ 
curity,  making  the 
Internet  safe  for 
e-commerce.  But 
what  would  happen  if  the  pow¬ 
er  of  cryptography  was  hi¬ 
jacked?  For  example,  could  a 
virus  writer  encrypt  your  data 
and  demand  a  fee  to  unen¬ 
crypt  it?  This  book  attempts  to 
answer  intriguing  questions 
like  those. 

The  authors  provide  a  guide 
to  the  “what  ifs”  of  potential 
attacks.  They  discuss  scenar¬ 
ios  at  length  while  skating 
over  details  such  as  how  an 
attacker  would  receive  a  pay¬ 
off  without  being  traced. 

Another  quibble  I  have  is 
that  the  first  chapter  uses  sec¬ 
ond-person  voice  to  describe  a 
fictional  incident.  This  kind  of 
experimental  fictional  sce¬ 
nario  isn’t  well  suited  to  a  se¬ 
curity  reference.  But  if  you 
skip  it  and  delve  into  the  other 
chapters,  you’ll  find  this  book 
a  fascinating  read. 

-  Vince  Tuesday 

CA  Updates 
ETrust  Antivirus 

Computer  Associates  Interna¬ 
tional  Inc.  has  released  eTrust 
Antivirus  7.1.  The  software  fea¬ 
tures  a  centralized  console  for 
managing  security  across  Win¬ 
dows,  NetWare,  Macintosh, 
Unix  and  Linux  environments, 
and  it  can  generate  more  than 
60  reports  about  potential 
threats.  Prices  start  at  $40. 

SecureZipAdds 
3DES  Encryption 

PKWare  Inc.  last  week  re¬ 
leased  SecureZip  v8  for  Win¬ 
dows.  The  file-compression 
software  now  uses  encryption 
algorithms  based  on  AES  and 
3DES,  said  Brown  Deer,  Wis.- 
based  PKWare.  Prices  start 
at  $80. 


i  want  to  Stop  focusing  on  what’s  attacking  my  servers 


and  Start  focusing  on  attacking  new  markets. 


Start  expanding  securely  with  intrusion  Prevention  Solutions  from  McAfee  Security. 


By  combining  System  Protection  and  Network  Protection  Solutions,  the  McAfee*  Security  Protection-in-Depth  srategy  secures  your 
business  from  the  desktop,  to  the  network,  to  the  server— the  mission-critical  heart  of  your  IT  infrastructure.  Add  our  Intrusion  Prevention 
technologies  and  you  can  start  preventing  known  and  unknown  threats  rather  than  merely  detecting  them.  Which  means  you'  can  think'-a-rW 

little  less  about  security,  and  more  about  securing  new  markets.  Start  today  at  start.mcafeesecurity.com  ■  I  ' 

'P.r-v  ,,  TT>T'.,W  '' 

Because  security  is  not  just  about  what  you  can  stop, 


?•  - . ;y  ''••Vi’-r  'll.-  p'.u,  ut  rn uttered  trademarks  Of  trademark© ©f  Network  Associates,  Inc  and/or  its  affiliates,  !Q.  the  US  and/or other  countries 

'  ;'s  fierefri  are  the  is  ole  property  of  their  respective  owners  ©  .20.04  Networks  Associates  Technology  I  nr.  All  Rights  Reserved 
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WebSphere  Gets 
Commerce  Upgrade 

IBM  last  week  released  Web¬ 
Sphere  Commerce  5.6,  an  update 
to  its  software  for  building  busi- 
ness-to-consumer  and  business- 
to-business  Web  sites.  New  fea¬ 
tures  include  an  enhanced  Busi¬ 
ness  Context  Engine  that  allows 
for  greater  personalization  by 
separating  user  information  from 
the  business  logic,  and  improved 
multichannel  integration  capabili¬ 
ties,  according  to  IBM. 


Riverbed  Spawns 
WAN  Appliance 

Riverbed  Technology  Inc.  in  San 
Francisco  last  week  announced 
the  availability  of  its  Steelhead 
appliance,  which  the  company 
says  makes  applications  running 
across  WANs  perform  up  to  100 
times  faster.  Steelhead,  which  is 
Linux-based,  sits  on  both  sides  of 
the  network  and  uses  data  com¬ 
pression,  caching  and  transaction 
prediction  technology  to  optimize 
all  TCP  traffic.  Retail  prices  run 
from  $5,995  to  $39,995. 


VMware  Supports 
64-bit  Pro 
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VMware  Inc.  in  Palo  Alto,  Calif., 
last  week  announced  that  its  vir¬ 
tualization  technology  will  sup¬ 
port  the  64-bit  Opteron  processor 
from  Advanced  Micro  Devices 
Inc.  and  Intel  Corp.’s  EM64T 
Xeon  processor  with  64-bit 
extensions,  which  is  expected  to 
be  released  this  summer.  Both 
chips  are  capable  of  running  32- 
and  64-bit  applications. 


CA  Releases  Oracle 
Productivity  Pack 

Systems  management  software 
maker  Computer  Associates  In¬ 
ternational  Inc.  has  announced 
the  CA  Productivity  Pack  for  Ora¬ 
cle.  The  application  offers  a  sin¬ 
gle  console  to  optimize  the  devel¬ 
opment  and  management  of  Ora¬ 
cle  databases  and  is  available 
now.  Pricing  starts  at  $6,757. 


PAUL  A.  STRASSMANN 


The  Cost  of 
Shortterm  CIOs 


Back  IN  THE  June  10, 1996,  issue  of  Com- 
puterworld ,  I  first  reported  on  the  average 
longevity  of  CIOs  in  their  jobs.  Based  on 
comparisons  between  1994  and  1995, 1  calcu¬ 
lated  the  one-year  turnover  rate  for  CIOs  to 
be  24%,  which  translated  into  an  average  job-tenure  ex¬ 
pectancy  of  25  to  28  months. 

Those  estimates  were  widely  quoted  in  many  arti¬ 
cles  by  authors  who  arrived  at  various  conclusions 


been  in  five  CIO  jobs 
from  1962  through  2C 
CIO  tenure  statistics  are 
of  personal  interest. 


about  the  significance  of 
my  numbers.  One  author 
believed  that  the  rapid 
turnover  rate  offered 
telling  evidence  that  future 
CEOs  were  groomed  for 
advancement  by  passing 
through  a  brief  tour  of  duty 
in  the  CIO  position.  Others 
saw  it  as  proof  of  the  per¬ 
sistent  failure  by  top  man¬ 
agement  to  understand  the 
performance  requirements 
for  the  CIO  job.  Frequent 
swapping  of  people  in  and 
out  of  the  CIO  position  was  seen  else¬ 
where  as  an  example  of  managerial 
confu.sion  about  the  rising  importance 
of  information  economics. 

To  my  best  knowledge,  there  have 
been  no  published  studies  of  CIO 
turnover  in  the  eight  years  since.  The 
time  seems  ripe  to  check  whether  the 
CIO  position  has  acquired  greater  per¬ 
manence  as  IT  budgets  have  more 
than  doubled. 

In  press  reports,  244  companies 
identified  the  names  of  their  CIOs 
both  in  2002  and  in  2003.  Fifty-one 
CIO  names  were  different  from  one 
year  to  another,  offering  an  individual¬ 
ly  verified  one-year  attrition  rate  of 
21%.  However,  the  press  also  men¬ 
tioned  111  CIOs  in  2002  who  didn’t 
reappear  in  2003.  There  were  also 


100  CIOs  listed  in  2003 
who  escaped  press  atten¬ 
tion  in  2002.  If  we  assume 

—  and  from  my  experi¬ 
ence,  it’s  a  safe  assumption 

—  that  about  half  of  these 
unidentified  CIOs  left 
their  jobs  in  the  interim, 
the  one-year  attrition  rate 
climbs  to  34%. 

The  best  way  to  interpret 
the  attrition  numbers  is  to 
calculate  the  time  it  takes 
until  only  half  of  the  origi¬ 
nal  CIOs  remain  in  their 
positions.  Using  the  21%  attrition  rate, 
there  will  be  only  79  CIOs  left  out  of 
100  after  a  12-month  interval.  After  24 
months,  there  will  be  only  62  left.  Half 
of  the  CIOs  will  thus  be  gone  in  35 
months.  Using  the  34%  estimated  attri¬ 
tion  rate,  there  would  be  only  66  CIOs 
left  after  12  months.  Half  of  the  CIOs 
would  be  gone  after  21  months. 

There  is  no  way  of  telling  whether 
the  half-life  of  the  estimated  CIO  pop¬ 
ulation  of  well  over  2,000  is  20  or  35 
months.  Based  on  the  only  data  avail¬ 
able  to  the  public,  one  can  assume  that 
the  number  is  somewhere  between  the 
two  time  periods  and  not  much  differ¬ 
ent  from  what  it  was  in  1994/1995. 1 
take  this  view  because  the  sources 
of  my  information  —  the  IT  press  — 
favor  stories  about  CIO  winners  and 


therefore  offers  a  positively  biased 
view  about  CIOs  who  may  be  enjoying 
management’s  favors.  Such  a  bias 
would  tend  to  shift  the  actual  life  ex¬ 
pectancy  closer  to  the  most  conserva¬ 
tive  estimate  of  21  months  because  the 
CIO  loser  would  never  get  the  atten¬ 
tion  from  the  press,  whether  he  was 
coming  or  going. 

I  find  these  observations  worrisome, 
in  the  same  way  that  I  did  in  1996.  The 
CIO’s  role  is  to  guide  the  development, 
preservation,  security  and  enhance¬ 
ment  of  a  company’s  information  as¬ 
sets.  Such  assets  now  exceed  in  value 
the  financial  assets  that  are  guarded 
by  the  CFO  establishment,  which  must 
comply  with  a  long  list  of  precedents, 
regulations  and  public  scrutiny. 

The  only  way  to  compensate  for  the 
absence  of  such  consistency  in  policy 
and  precedent  is  to  put  in  place  lead¬ 
ership  in  the  person  of  the  CIO,  who 
will  steer  a  steady  course  and  be  able 
to  provide  the  necessary  guidance  for 
the  IT  organization.  A  leader  can  ac¬ 
complish  that  only  by  taking  a  long¬ 
term  view.  Holding  a  job  for  only  a 
brief  time  is  inconsistent  with  com¬ 
mitting  to  and  then  making  progress 
against  lasting  objectives. 

CIOs  are  likely  to  view  the  high 
turnover  rates  as  incentives  to  make 
choices  that  will  look  good  on  their 
next  resume.  Short-term  executives 
will  assume  that  they  won’t  be  around 
when  the  time  comes  to  account  for 
a  perfectly  predictable  foul-up.  Thus, 
the  short  time  on  a  job  becomes  a  self- 
fulfilling  prophecy  for  avoiding  re¬ 
sponsible  leadership.  High  CIO  turn¬ 
over  is  one  of  the  telling  symptoms 
of  the  malaise  that  makes  our  IT  less 
effective  than  its  potential.  ©  45831 
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Think  Tank 

IT  could  play  a  role  in  finding 
the  right  decision-makers  during 
a  crisis.  Plus,  “category  killer” 
retailers  will  be  spending  big  on 
point-of-sale  systems,  data  ware¬ 
houses  and  RFID.  Page  36 
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Culture  Wars 

New  research  indicates  that  some  IT  projects 
fail  because  a  distinct  IT  subculture  damages 
relationships  between  IT  and  users,  says  Syra¬ 
cuse  University  assistant  professor  Jeffrey 
Stanton.  Page  35 
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OPINION 

What  We  Have  to  Fear 

What’s  more  dangerous  to  IT 
organizations  than  offshore  out¬ 
sourcing?  Fear  of  offshoring, 
says  Paul  Glen.  He  suggests 
ways  to  face  the  fear.  Page  38 


Most  companies  struggle 
to  measure  the  real  value 
of  IT  projects,  but  Har- 
rah’s  Entertainment  Inc. 
has  a  system.  Over  the  past  seven 
years,  the  IT  leaders  at  Harrah’s  in  Las 
Vegas  have  developed  a  robust  finan¬ 
cial  projection,  monitoring,  measuring 
and  tracking  capability  that  accurately 
estimates  the  costs  and  benefits  of  IT 
projects  and  tracks  the  business  value 
they  create.  The  result:  The  business 
bets  big  on  IT. 

“Investments  in  IT  help  sustain  our 
position  as  the  industry  leader,”  says 
Chief  Financial  Officer  Chuck  Atwood. 
“By  setting  up  projects  with  specific 
return  criteria  expected,  then  monitor¬ 
ing  achievement  to  those  objectives, 
our  IT  team  has  built  credibility  within 
the  organization.” 

And  outside  as  well.  Mark  Jeffery, 
who  teaches  executive  education  at  the 
Kellogg  School  of  Management  at 
Northwestern  University  in  Evanston, 
Ill.,  recently  completed  an  exhaustive 
study  of  best  practices  in  IT  portfolio 
management.  Of  the  130  Fortune  1,000 
companies  he  evaluated,  Harrah’s 
ranked  first.  “Everything  I  teach  in  ex¬ 
ecutive  education,  these  guys  are  do¬ 
ing,”  he  says.  “They  blew  me  away.” 

IT  and  business  managers  share 
accountability  for  Harrah’s  projects, 
which  are  designed  to  be  measured  and 
aligned  with  the  business  early  and  of¬ 
ten.  Frequent  monitoring  provides  op¬ 
portunities  to  raise  the  bets  on  promis¬ 
ing  projects  and  revamp  or  fold  those 
that  are  falling  short.  Harrah’s  main¬ 
tains  an  eye-in-the-sky  view  of  the  per¬ 
formance  of  the  entire  project  portfo¬ 
lio,  and  project  results  are  fed  back  into 
the  decision-making  process. 

“We’re  constantly  evaluating  our  in¬ 
vestment  in  information  technology,” 
says  John  Boushy,  senior  vice  president 
of  operations  and  services.  “And  we 
make  decisions  going  forward  based 
on  that.” 

Here’s  how  Harrah’s  does  it. 

Portfolio  planning.  At  the  corporate 

level,  the  Program  Management  Office 


Harrah’s  has  a  sophisticated  process  for 
tracking  the  true  payback  of  IT  projects. 

By  Kathleen  Melymuka 


(PMO)  uses  Clarity  IT  management 
and  governance  software  from  Niku 
Corp.  in  Redwood  City,  Calif.,  to  keep  a 
running  inventory  of  all  projects  and 
proposals  segmented  by  business  unit, 
product,  life-cycle  stage  and  overall 
goal,  such  as  revenue  growth,  cost  re¬ 
duction  or  the  opening  of  new  busi¬ 
ness  channels.  “It  provides  one  inte¬ 
grated  version  of  the  truth,”  says  Heath 
Daughtrey,  vice  president  of  IT  ser¬ 
vices.  The  PMO  maps  the  portfolio  to 
Harrah’s  business  strategy,  prioritizing 
projects  across  the  business  units  and 
looking  for  an  optimal  mix.  It  also 
keeps  tabs  on  IT  resources  (staff,  skills, 
partnerships)  and  how  those  affect 
IT’s  ability  to  deliver. 

At  the  business  unit  level,  the  PMO 
helps  units  prioritize  projects  and  de¬ 
velop  annual  plans  and  budgets,  look¬ 
ing  for  opportunities  to  leverage  and 
advance  enterprise  architecture  and 
product  strategies  while  delivering 
value  for  the  business. 

Business  unit  governance.  The 

business  units  authorize  project  bud¬ 
gets  of  up  to  $250,000.  Governance 
teams  made  up  of  business  unit  and  IT 
leaders  identify  business  needs,  ap¬ 
prove  funding  and  build  a  portfolio  of 
projects.  The  IT  Business  Office,  a 
component  of  the  PMO  staffed  by  ac¬ 
countants,  assists  in  developing  cost- 
benefit  estimates.  “It’s  been  absolutely 
invaluable  for  IT  to  have  a  dedicated 
staff  to  support  us  in  managing  from  a 
financial  standpoint,”  Daughtrey  says. 

Jeffery’s  study  suggests  that  Harrah’s 
IT  Business  Office  is  a  key  to  its  suc¬ 
cess.  More  than  half  the  other  IT 
groups  surveyed  said  they  lacked  the 
financial  skills  needed  to  do  basic 
return-on-investment  analyses. 

The  governance  teams  meet  month¬ 
ly  and  quarterly  to  review  project  per¬ 
formance,  update  the  multiyear  road 
map  and  evaluate  and  realign  invest¬ 
ments,  for  example,  providing  addi¬ 
tional  funding  for  projects  that  demon¬ 
strate  compelling  value. 

This  frequent  realignment  is  critical. 
“Keeping  score  and  frequent  realign- 
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ment  are  among  the  factors  that  really 
make  a  difference  in  high  perfor¬ 
mance,”  Jeffery  explains. 

Business  case  development. 

Projects  with  budgets  of  more  than 
$250,000  need  to  be  approved  by  the 
Corporate  Capital  Committee,  which 
includes  the  CEO,  the  chief  operating 
officer,  the  CFO,  the  CIO  and  various 
senior  vice  presidents.  Using  business 
case  templates,  the  committee  exam¬ 
ines  project  functionality,  initial  and 
ongoing  costs,  timelines,  benefits,  met¬ 
rics  and  organizational  accountability. 

The  IT  Business  Office  assists  in 
business  case  development  and  bene¬ 
fits  estimation  and  measurement,  in¬ 
cluding  internal  rate  of  return,  net  pre¬ 
sent  value,  ROI  and  a  five-year  cost- 
benefit  analysis.  Every  project  has  a 
business  sponsor. 

Corporate  governance.  The  corpo 

rate  Capital  Committee  meets  monthly 
to  authorize  new  projects  and  review 
the  performance  of  ongoing  ones.  It  as¬ 
sesses  both  the  risks  associated  with 
each  project  (delays,  cost  overruns, 


strategic  misalignment)  and  the  risks 
to  the  portfolio  (the  blend  of  mature 
and  breakthrough  technologies),  man¬ 
aging  priorities  and  maximizing  value 
across  the  business  units. 

Implementation.  Using  integrated 
methodologies  for  project,  delivery  and 
quality  management,  project  teams 
deliver.  “They’ve  got  an  incredibly 
competent  IT  team,”  Jeffery  says. 

“They  get  the  job  done.” 

Current  projects  are  reviewed  at 
weekly  meetings,  where  dashboards 
pinpoint  key  performance  indicators, 
and  they  also  pass  through  periodic 
tollgates.  Business  sponsors  review 
projects  monthly  and  quarterly  to  as¬ 
sess  risks  and  provide  early  warning  of 
problems.  They’re  required  to  revisit 
the  business  case  assumptions  and  at¬ 
test  to  their  continued  validity. 

Throughout  the  process,  goals  in¬ 
clude  leveraging  the  existing  enter¬ 
prise  architecture,  improving  efficien¬ 
cies  and  speed  to  market,  reducing 
costs  through  reusability,  developing 
people  through  rotations  and  making 
success  repeatable. 


“It’s  a  combination  of  structure  and 
flexibility,”  says  CIO  Tim  Stanley.  “We 
have  crisp  operating  procedures  and 
structure,  but  we  maintain  that  flexibil¬ 
ity  to  constantly  align  with  business, 
be  responsive  as  things  change  and  re¬ 
ally  be  able  to  go  after  the  big  hitters.” 

Value  management.  After  implemen¬ 
tation,  the  IT  Business  Office  and  the 
sponsoring  business  units  conduct  a  for¬ 
mal  audit  to  measure  actual  project  val¬ 
ue  against  estimates.  Jeffery  says  Har- 
rah’s  can  do  this  easily  because  it  designs 
projects  to  be  measured.  For  example, 
through  intensive  use  of  customer  satis¬ 
faction  surveys,  Harrah’s  can  measure 
the  revenue  it  will  gain  by  moving  a  cus¬ 
tomer  to  a  higher  satisfaction  level. 

“They  can  do  any  business  initiative 
and  target  specific  customers  and  feed 
back  how  it  changed  their  satisfaction 
levels  and  their  spending,”  Jeffery  ex¬ 
plains.  “That  gives  them  a  huge  compet¬ 
itive  advantage.” 

Inform,  reprioritize.  Project  results 

are  used  to  inform  future  investment 
decisions.  For  example,  the  results  of  a 
project  to  maximize  revenue  by  in¬ 
creasing  the  ratio  of  high  spenders  in 
hotel  rooms  now  help  in  estimating 
potential  revenue  growth  from  pro¬ 
posed  hotel  additions  or  expansions. 

Niku  CEO  Josh  Pickus  says  watching 
Harrah’s  performance  makes  him  feel 
like  “a  Formula  One  race  car  designer 
who  finally  got  the  world’s  best  driver” 
to  drive  his  car.  “The  tools  get  exer¬ 
cised,”  he  says. 

Harrah’s  rigorous  business  case  ap¬ 
proach  to  projects,  its  built-in  metrics, 
excellent  execution  and  strong  follow¬ 
up  have  led  to  an  enviable  perfor¬ 
mance.  Project  throughput  has  nearly 
tripled  from  112  projects  in  2001  to  324 
in  2003.  In  2003,  the  aggregate  of  proj¬ 
ects  in  excess  of  $100,000  —  88%  of  to¬ 
tal  IT  expenditures  —  came  in  at  9% 
under  budget.  Seventy-seven  percent 
of  all  projects  came  in  on  time,  on  bud¬ 
get  and  on  target,  while  83%  hit  two  of 
those  criteria. 

Stanley  says  the  success  of  Harrah’s 
IT  portfolio  management  is  largely 
about  alignment.  “Alignment  is  frankly 
pretty  hard,”  he  says.  And  while  align¬ 
ing  each  business  unit  with  IT  is  chal¬ 
lenging,  “pulling  it  all  together  into  an 
overall  strategy  is  the  secret  to  our 
success,”  Stanley  says.  ©  46150 


KEY  QUESTIONS 

For  a  sampling  of  the  questions  that  Harrah’s  managers 
ask  to  keep  their  IT  projects  on  track,  visit  us  online: 
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THROUGH  THE  PACES: 

A  Real 
Project 

A  recent  Harrah’s  project,  the  Rev¬ 
enue  Management  System  (RMS),  was 
targeted  at  increasing  revenue  growth 
by  improving  the  ratio  of  high-rolling 
casino  customers  to  other  customers  in 
the  hotel  rooms.  The  business  case 
stated  that  the  primary  goal  was  to  en¬ 
sure  that  each  hotel  property  filled  as 
many  guest  rooms  as  possible  with 
“rated”  (high-spending)  customers, 
thereby  increasing  revenue.  It  proposed 
to  do  this  by  integrating  a  forecasting 
and  optimization  tool  with  the  existing 
Casino  Management  System  and  Lodg¬ 
ing  Management  System.  The  goal  was 
to  better  manage  hotel  rooms  by  con¬ 
sidering  customer  profitability,  sea¬ 
sonality  and  promotional  events  in 
decision-making. 

The  business  case  assumed  a  con¬ 
servative  3%  revenue  gain  per  rated- 
customer  room  and  conservatively  esti¬ 
mated  an  internal  rate  of  return  of  39%, 
though  it  anticipated  one  of  88%.  The 
plan  included  a  clear  way  to  measure 
project  value  by  multiplying  the  extra 
amount  a  rated  customer  spends  by  the 
number  of  room  nights  that  formerly 
went  to  low  spenders  but  would  now  go 
to  high  spenders. 

Hotel  operations,  marketing  and  IT 
would  share  accountability  for  the  proj¬ 
ect,  which  called  for  an  investment  of 
$8  million. 

After  implementation,  gross  gaming 
revenue  per  rated  room  actually  rose  an 
average  of  15%  (far  outstripping  the  3% 
estimate),  and  there  was  a  16%  increase 
in  conversion  of  nonrated  room  nights  to 
rated  room  nights.  The  resulting  rev¬ 
enue  increase  for  the  first  year  was 
more  than  $50  million,  for  an  internal 
rate  of  return  of  104%.  Moreover, 
while  these  initial  benefits  were  realized 
for  10  properties,  the  system  is  now  used 
at  25  properties,  so  an  even  greater  pay¬ 
back  is  being  realized.  “It's  the  gift  that 
keeps  on  giving,”  says  Heath  Daughtrey, 
vice  president  of  IT  services. 

The  success  of  the  RMS  project  led 
to  the  subsequent  approval  of  “Yield  on 
the  Web,”  a  project  that  extended  the 
RMS  capabilities  to  the  Web  channel. 
Data  from  the  RMS  is  also  used  in  esti¬ 
mating  the  revenue  growth  potential  of 
proposed  hotel  additions  or  expansions. 

-  Kathleen  Melymuka 


Portfolio  Management  Maturity  Model 


Based  on  a  survey  of  130  Fortune  1,000  IT 
groups  and  extensive  research  into  best  prac¬ 
tices  in  IT  portfolio  management,  Mark  Jef¬ 
fery  of  the  Kellogg  School  of  Management  at 


Northwestern  University  has  developed  an  IT 
Portfolio  Management  Maturity  Model.  Here 
are  his  findings,  along  with  the  percentage  of 
survey  respondents  found  in  each  category. 
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LEVEL  1:  Ad  hoc 

Random  projects 
Uncoordinated  decisions 


24.5° 


Synchronized 

Professional  project  management 
processes 

-  Use  of  evolving  metrics  to  measure 
project  value  through  its  life  cycle 
Frequent  reviews  to  realign  projects 
and  weed  out  underperformers 
1  Assessment  of  both  project  and 
portfolio  risk 

Assessment  of  future  opportunities 
the  project  enables 
Disciplined  feedback  from  business 
■  Results  feed  decision-making 


LEVEL  2:  Defined 

Standard  methods  for  evaluating  and 
prioritizing  project  proposals 
Central  project  management  office 
Central  budget  oversight 
Central  database  of  projects,  with  rough 
estimates  of  costs  and  benefits 
Basic  understanding  of  financial  metrics 
used  to  make  investment  decisions 
No  consistent  organizationwide  compliance 
No  links  into  budgeting  cycles 
No  assessment  of  results  or  feedback 
into  decision-making 


LEVEL  S  Managed 

Links  to  budgetary  cycle 
:  Financial  metrics  such  as  ROI 
and  net  present  value  consistently 
calculated  and  used  in  annual  reviews 
with  business  leaders 
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Culture 


Does  the  IT  subculture  contribute  to  project  failure? 
New  research  from  Syracuse  University  says  yes. 


■■■■■■■■■■■■■■I 


Why  do  IT 
projects  some¬ 
times  fail  to 
achieve  their 
goals?  Earlier 
research 
focused  on 
usability, 
employee  re¬ 
sistance  to 
change  and 
other  factors. 
But  Jeffrey  Stanton,  assistant 
professor  of  industrial  and 
organizational  psychology  at 
Syracuse  University,  takes  a 
new  perspective  by  focusing  on 
occupational  subcultures  with¬ 
in  organizations.  He  told  inter¬ 
viewer  Peter  Buxbaum  that  IT 
projects  may  fail  because  a  dis¬ 
tinct  IT  subculture  poisons  re¬ 
lations  with  end  users. 

How  did  you  go  about  studying  IT 

subcultures?  We  focused  on  14 
organizations  in  central  New 
York  state.  The  organizations 
are  involved  in  health  care, 
education,  manufacturing  and 
social  services.  We  conducted 
interviews  with  over  80  IT 
professionals  and  analyzed 
those  [interviews]  using  soft¬ 
ware  called  Atlas.ti  to  detect 
patterns.  We  noticed  similari¬ 
ties  in  the  responses  given  to 
us  by  IT  people. 

What  sort  of  patterns  did  you  de¬ 
tect?  We  found  that  IT  people 
used  common  modes  of  com¬ 
munication  and  expressed  a 


common  ethnocentricity. 

We  were  struck  by  the  com¬ 
mon  symbology  used  by  IT 
people  through  which  they  ex¬ 
pressed  the  unwillingness  of 
computer  users  to  learn  cer¬ 
tain  things.  We  heard  over  and 
over  again  one  story  about  the 
guy  who  put  his  coffee  cup  in 
the  CD-ROM  holder.  It’s  an 
amusing  and  possibly  apoc¬ 
ryphal  story,  and  it  expresses 
the  commonly  held  belief 
about  the  cluelessness  of  end 
users. 

How  does  ethnocentricity  come 
into  play?  Ethnocentric  people 
believe  in  the  importance  of 
their  group  and  in  its  differ¬ 
entness  from  others.  We  no¬ 
ticed  indicators  of  group  sta¬ 
tus  among  IT  people  in  their 
belief  that  they  possess  eso¬ 
teric  knowledge,  their  percep¬ 
tion  of  extreme  working  con¬ 
ditions  and  their  complaints 
about  other  groups. 

What  is  the  connection  between  an 
IT  subculture  and  the  success  or 
failure  of  technology  implementa¬ 
tions?  If  IT  people  occupy 
a  distinct  subculture,  then 
implementations  could  boil 
down  to  culture  wars  between 
them  and  others.  That  may  be 
at  the  root  of  the  troubles  or¬ 
ganizations  have  in  imple¬ 
menting  IT. 

How  does  this  play  out  in  the  real 
I  world?  We  took  an  in-depth 


look  at  three  organizations  im¬ 
plementing  substantial  proj¬ 
ects  over  a  period  of  nine  to 
twelve  months  in  health  care, 
manufacturing  and  social 
services. 

[For  example,]  A.L.  Lee  Hos¬ 
pital  replaced  legacy  systems 
that  covered  individual  func¬ 
tions  like  the  lab,  accounting, 
etc.,  with  a  single  hospital  in¬ 
formation  system  [similar  to 
an  ERP  system].  It  proved  to 
be  a  difficult  technological 
transition.  We  found  in  a  qual¬ 
itative  way  that  the  communi¬ 
cations  capabilities  of  the  IT 


group  had  an  important  im¬ 
pact  on  the  projects. 

Are  you  saying  that  the  IT  people 
couldn’t  communicate  with  the 
business  people?  The  communi¬ 
cation  at  the  hospital  was 
good,  as  were  the  project  out¬ 
comes,  thanks  to  an  experi¬ 
enced  IT  leader  who  effective¬ 
ly  broke  down  barriers  be¬ 
tween  the  IT  folks  and  the 
individuals  affected  by  the 
changes.  But  the  communica¬ 
tion  at  the  social  services  or¬ 
ganization  was  poor. 

Our  data  suggest  that  the 
failures  of  communication 
between  IT  people  and  the 
administration  contributed 
to  the  problems  with  the  tech¬ 
nology-driven  change. 

How  did  this  show  itself?  Plan¬ 
ning  meetings  included  only 
directors  and  assistant  direc¬ 
tors.  There  was  no  inclusion 
of  affected  employees.  Com¬ 
munication  was  downward, 
and  they  allowed  only  mini¬ 
mal  upward  communications 
opportunities  for  affected  em¬ 
ployees.  They  didn’t  imple¬ 
ment  a  pilot  phase,  and  there¬ 
fore,  affected  employees  had 
no  opportunity  for  interim 
feedback. 

How  were  these  communication 
problems  tied  to  ethnocentricity? 

There  was  no  individual  with¬ 


in  the  IT  group  who  could 
articulate  the  benefits  of  the 
changes  to  those  who  would 
be  affected.  As  a  result,  the 
changes  were  viewed  with 
suspicion  by  the  workers. 

Did  you  see  evidence  of  culture 
wars  during  the  implementation, 
and  if  so,  how  did  they  affect  prog¬ 
ress?  There  were  conflicts  be¬ 
tween  members  of  different 
cultures,  and  these  caused 
communication  breakdowns 
between  the  subcultural 
groups.  These  conflicts  were 
rooted  in  differing  beliefs 
about  the  potential  benefits  of 
the  technology.  The  IT  people 
valued  compatibility  with  ex¬ 
isting  systems  and  maintain¬ 
ability,  the  administrators  val¬ 
ued  expected  benefits  in  effi¬ 
ciency,  and  the  users  valued 
benefits  that  IT  would  bring 
to  their  quality  of  work  life. 
These  issues  effectively 
stopped  all  progress  in 
two  of  the  organizations. 

What  can  be  done  to  overcome  the 
subculture  problem?  Cross-train¬ 
ing  may  be  a  powerful  way  of 
integrating  cultures.  How  do 
Americans  get  immersed  in 
other  cultures?  They  volun¬ 
teer  for  the  Peace  Corps  or 
go  on  student  exchange  pro¬ 
grams.  A  person  living  that 
kind  of  experience  comes  back 
to  his  home  culture  with  a 
powerful  appreciation  of  what 
it  takes  to  speak  across  a  cul¬ 
tural  boundary. 

Instead  of  sitting  at  a  desk 
working  on  new  network 
topologies,  IT  people  should 
be  sent  to  the  lab,  the  account¬ 
ing  group  or  the  reception 
area  to  live  the  experience  of 
an  end  user.  And  you  can  take 
an  accountant  and  make  him 
an  IT  person  for  six  months. 

What  would  you  expect  the  results 

to  be?  If  cross-training  were 
implemented  beforehand,  they 
would  less  likely  get  tripped 
up  over  cultural  differences 
that  could  hamper  the  rela¬ 
tionship  between  groups  and 
scuttle  the  implementation. 

©  46330 


Buxbaum  is  a  freelance  writer 
in  Washington.  Contact  him  at 
Pab001@aol.com. 


Elements  of  an  IT  Subculture 


IT  people  express  their  cultural  differences  in  part  by  complaining 
about  other  groups.  The  following  examples  of  IT  complaints 
are  taken  from  Jeffrey  Stanton’s  research  paper,  “Conflict  and 
Cooperation:  Occupational  Subculture  of  IT  Employees.” 


■  “Managers  think  they 
know  how  to  get  things 
done,  and  they  think  they 
can  estimate  how  long  it 
will  take,  but  really  they 
have  no  idea.” 

■  “I  have  always  said  that  I 
would  have  a  great  job  if  it 
wasn’t  for  the  users.” 

■  “There  is  a  huge  sort 
of  -  pardon  the  term  - 
‘Amish’  kind  of  sensitivity 
to  technology  here.  They 


are  afraid  of  it.  They  don’t 
trust  it.  They  don’t  em¬ 
brace  it  for  what  it  can 
deliver.” 

■  “When  you  are  making  a 
transition  from  a  legacy 
system  to  a  new  system, 
you  are  going  to  get  a  lot 
of  resistance  from  people 
who  have  built  their  ca¬ 
reers  on  knowing  every¬ 
thing  about  the  old  sys¬ 
tem.  That’s  their  power  in 
the  organization.” 


mmm 
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On-the-Fly  Crisis 
Management 

THERE’S  POLICE  TAPE  across  the  front  of 
your  headquarters  one  morning  because  suspi¬ 
cious  white  powder  was  found  inside.  Do  your 
employees  know  what  to  do?  What  if  you  can’t 
reach  key  decision-makers?  Who’s  next  in  line 
with  the  authority  to  give  orders?  Who  has  the 
right  skills  to  deal  with  this  particular  crisis? 

Companies  may  have  standard  disaster- 
recovery  plans,  but  they  rarely  have  a  process 
for  ad  hoc  crisis  management,  says  Roberto 
Evaristo,  an  assistant  professor  at  the  Univer¬ 
sity  of  Illinois  at  Chicago.  He  uses  the  analogy 
that  SWAT  teams  have  standard  practices  for 
hostage  situations,  but  they  also  have  skills  to 
draw  upon  in  new,  unpredictable  situations. 
Evaristo  and  collaborators  Kevin  Desouza  and 


Tobin  Hensgen  are  writing 
a  book  and  consulting  on 
the  topic  of  “adaptive 
crisis  management.” 

The  No.1  problem  is  the 
communications  break¬ 
down  that  occurs  when 
decision-makers  are  un¬ 
available  in  the  first  few 
minutes  or  hours  of  a  cri¬ 
sis,  Evaristo  says.  He  says 
the  IT  department  could 
help  by  setting  up  systems 
that  can  be  used  to  find 
and  reach  key  people  and 
identify  employees  who  have  critical  skills,  per 
haps  through  wireless  access  to  an  expert 
database. 

Most  big  companies  have  emergency  “call 
trees”  for  contacting  employees,  but  they're 
inefficient  and  fail  if  a  person  in  the  middle  is 


unreachable,  adds  Tim  DeLisle,  a  consultant 
at  Corigelan  LLC  in  Chicago.  He  suggests 
automating  the  process  by  using  a  service 
like  the  one  offered  by  National  Notification 
Network  LLC  in  Glendale,  Calif. 

-Mitch  Betts 


Best  Bits 

The  most  useful  parts  of  recent  IT  and 
business  management  books. 

THE  BOOK:  Offshore  Outsourcing:  Business 
Models,  ROI  and  Best  Practices,  by  Marcia 
Robinson  and  Ravi 
Kalakota  (Mivar 
Press  Inc.,  2004). 

You’ll  find  a  basic, 
albeit  rosy,  overview 
of  offshore  out¬ 
sourcing  in  this 
I  |rbook.  The  costs, 
benefits,  examples 
and  country  profiles 
that  you’d  expect  are  all  covered  here. 
The  authors  are  in  the  “offshoring  is 
inevitable”  camp  and  argue  that  the 
ability  to  manage  offshore  outsourcing 
is  a  “competency”  that  all  companies 
will  need  in  order  to  be  competitive. 

But  there  are  frighteningly  few  rec¬ 
ommendations  for  managing  the  risks 
and  the  downsides  of  offshoring.  You 
won’t  read  about  the  political  backlash, 
U.S.  layoffs  or  challenges  such  as  secu¬ 
rity  and  privacy.  There’s  a  brief  men¬ 


tion  of  how  Dell  Inc.  had  to  yank  its 
corporate  tech-support  operation  from 
India  because  of  customer  complaints 
about  poor  communication  [QuickLink 
43172].  But  the  authors  conclude  that 
Dell  just  needs  to  work  on  “providing 
more  accent  neutralization,  employee 
training  and  service  quality  manage¬ 
ment”  in  Bangalore  to  fix  the  problem. 

-Mitch  Betts 

Category-Killer  IT 

■  “Category  killer”  retail  stores  will  in¬ 
vest  heavily  in  IT  upgrades  in  the  next 
12  to  18  months  as  a  result  of  a  re¬ 
bounding  economy  and  intense  com¬ 
petitive  pressures,  according  to  IHL  • 
Consulting  Group,  an  independent  re¬ 
search  firm  in  Franklin,  Term. 

Category  killers  —  large  specialty 
retailers  that  dominate  market  seg¬ 
ments,  such  as  office  supply  and  do-it- 
yourself  hardware  stores  —  tend  to  be 
shrewd  and  aggressive  investors  in  IT, 
says  IHL  President  Greg  Buzek.  For  ex¬ 
ample,  they  tend  to  replace  their  point- 


of-sale  terminals  every  four  to  five 
years,  much  faster  than  the  typical 
store’s  replacement  cycle  of  nine  years. 

IHL  Consulting  says  these  compa¬ 
nies  will  also  invest  in  large-scale  data 
warehouses,  radio  frequency  identifi¬ 
cation  tags  at  the  carton  level  and 
enterprise  application  integration  to 
synchronize  store  operations  with 
Web  and  catalog  sales.  ©  46285 


Offshore  Hot  Spots 

The  top  six  countries  on  the 
Offshore  Location  Attractiveness 
Index,  based  on  labor  costs,  skills 
and  business  climate  for  white- 
collar  work: 

1.  India  4.  Czech  Republic 

2  China  5,  Singapore 

3  Malaysia  6.  Philippines 

SOURCE:  A. T  KEARNEY  INC  .  NEW  YORK. 

MARCH  2004 


GOT  ANY  BRIGHT  IDEAS?  Send  them  to 
pitches@computerworld.com. 


■  IT  spending  has  regional  varia¬ 
tions.  Strong  growth  is  expected  in 
Western  states,  especially  California, 
but  not  in  the  manufacturing  strong¬ 
holds  of  the  Midwest  and  South,  says 
IDC  analyst  Stephen  Minton.  IT  spend¬ 
ing  will  be  depressed  in  states  such  as 
Missouri,  Kansas  and  South  Carolina.  In 
the  Northeast,  spending  in  the  finance 
and  banking  industries  will  lead  the 
way,  IDC  says.  In  fact,  26%  of  all  IT 
spending  in  the  U.S.  is  done  in  the  Jg 


Northeast,  IDC  says. 


. 


Corporate  Technology 
Confidence  Index 

Corporate  IT  hiring  plans  dipped,  but 
the  index  nevertheless  moved  up  in 
March  on  the  strength  of  optimism 
about  IT  spending  for  hardware  and 
software  in  tne  coming  montns. 


2003-04 


The  IT  Economy 

■  The  U.S.  banking  industry  will 
continue  to  consolidate  and  will 
shed  2,000  more  banks  by  2014, 

according  to  a  report  by  IDC  subsidiary 
Financial  Insights  in  Framingham, 
Mass.  That  means  lots  more  systems 
integration  projects  for  IT.  “Banks  are 
born  to  merge  and  acquire  each  other 
in  order  to  sustain  sufficient  growth 
rates  and  profitability  objectives,"  says 
analyst  Bill  Bradway.  By  the  way,  he 
adds,  “history  has  shown  time  and 
again  that  banks  that  don’t  get  IT  right 
become  acquisition  targets.” 
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Dave  Hammond 

TtTLE:  Director 
of  IT 

EMPLOYER: 

Cardinal  Health 
Inc.,  Dublin, 
Ohio 

As  director  of 
application 
architecture, 
Hammond  oversees  the  data 
architecture  and  all  database  ad¬ 
ministration  for  pharmaceutical 
distribution  at  this  S40  billion 
health  care  products  company. 
Cardinal  recently  revamped  its  in¬ 
ternal  IT  career-path  structure  to 
create  parallel  tracks  with  equal 
compensation  for  technical  and 
business-focused  experts  within  IT. 


What  career  path  would  you  recom¬ 
mend  for  an  IT  professional  who  wish¬ 
es  to  focus  strictly  on  technology 
rather  than,  say,  project  management 
and/or  business  analysis?  There  are 
probably  two  paths  you  can  take.  First,  if  an 
individual  prefers  the  hands-on  “down  to  the 
metal"  experience,  there  is  nothing  wrong 
with  becoming  the  best  you  can  be  at  a 
technology  like  RDBMS  programming  or 
systems  engineering.  Most  companies  val¬ 
ue  employees  with  these  deep  technical 
skills,  and  that  in  and  of  itself  can  be  quite  a 
rewarding  career. 

On  the  other  hand,  if  you  enjoy  thinking 
in  the  abstract  about  an  entire  problem  or 
enterprise,  I  enthusiastically  recommend 
the  architecture  path.  Our  company  has  ar¬ 


chitecture  specialists  in  application  devel¬ 
opment,  data  integration  and  systems. 

In  your  opinion,  how  can  such  a  person 
avoid  hitting  what  some  have  called  an 
inevitable  technical  career  ceiling,  es¬ 
pecially  these  days,  when  all  IT  profes¬ 
sionals  are  being  told  that  knowing  the 
business  is  often  more  important  than 
knowing  the  technology?  There  is  no 
question  that  business  knowledge  is  critical 
-  particularly  for  those  techies  that  seek  to 
apply  their  skills  to  a  business.  But  this  is  not 
to  say  that  business  and  technical  knowl¬ 
edge  are  mutually  exclusive.  Understanding 
the  motivation  behind  a  requirement  that 
you  are  about  to  implement  will  lead  to  bet¬ 
ter  decisions.  This  isn't  to  say  that  we  need 
[database  administrators]  sitting  in  on  board 
meetings!  The  critical  skill  for  IT  profession¬ 
als  is  not  the  ability  to  create  new  technolo¬ 
gies,  but  rather  the  ability  to  see  what  is  out 
there  and  to  use  existing  technologies  to 
create  solutions  that  drive  the  maximum 
benefit  for  your  company. 

How  do  you  address  this  issue  with 
career  paths  at  Cardinal  Health?  We  are 

very  fortunate  at  Cardinal  to  have  leadership 
in  IT  and  in  HR  that  understands  that  there 
are  some  very  unique  technology  skills  that 
are  absolutely  required  to  run  our  business 
and  that  those  skills  don’t  always  align  with 
individuals  interested  in  management.  To 
that  end,  we  have  developed  a  career  path 
that  will  allow  senior  technology  profession¬ 
als  in  database  and  architecture  to  proceed 
down  a  career  path  parallel  with  manage¬ 
ment  all  the  way  up  to  the  director  level.  This 
really  allows  us  to  retain  the  best  and  bright¬ 
est  that  might  otherwise  be  tempted  to  take 
consulting  or  vendor  jobs.  O  46286 

-Julia  King 


Higher  IT  Starting  Salaries 

College  graduates  of  the  class  of  2004  are  getting  better  starting 
salaries  than  their  counterparts  from  the  previous  year. 


DEGREE 

STARTING  SALARY 

PERCENTAGE  INCREASE 

Computer  science  graduate 

$48,656 

8.9% 

Information  science  graduate 

$42,108 

2.6% 

MIS  graduate 

$41,103 

1.3%  mi 

SOURCE:  NATIONAL  ASSOCIATION  OF  COLLEGES  AND  EMPLOYERS.  BETHLEHEM.  PA..  APRIL  2004 


You  Can  Lead  a 
Horse  to  Water . . . 

Evaluating  employees’  performance 
doesn’t  necessarily  work  to  improve 
it,  according  to  the  results  of  a  re¬ 
cent  survey  of  1,190  U.S.  workers 
that  was  conducted  by  Watson 
Wyatt  &  Co.,  a  human  capital  con¬ 
sulting  firm  in  Washington.  Even 
though  61%  of  workers  agreed  that 
they're  fairly  evaluated,  only  30% 
said  their  companies’  performance 
management  programs  actually  im¬ 
prove  performance.  Just  19%  of 
employees  said  evaluations  help 
poor  performers  improve,  and  only 
35%  said  they’ve  received  clear 
performance  goals  for  this  year. 


Worth  Noting: 

There’s  approaching  ‘shrinkage’  in 
the  IT  area,  during  which  time  em¬ 
ployees  will  be  retiring  in  droves.  This 
will  improve  hiring  movement  in  the  IT  area,  but 
it  offers  an  interesting  phenomenon.  Census  in¬ 
formation  and  demographics  indicate  that  there 
will  be  a  shortage  of  IT  employees  within  the 
next  five  years,  due  to  the  retirement  of  baby 
boomers.  Some  companies  are  already  making 
efforts  to  keep  these  employees  from  retiring,  in¬ 
cluding  being  asked  to  stay  on  for  an  additional 
three  years  and  being  offered  flextime,  stock 
options  and  significant  salary  increases. 


STEVE  HALL  RECRUITER, 

Find  Great  People  International  Inc., 
Greenville,  S.C. 


Numbers  Crunch:  Training 

How  corporate  training  budgets  are  allocated 


17% 

Customer 

service 

1 

i% 

mm 

14% 

Sales 

e 

>% 

Middle 

managers 

SOURCE  AMERICAN  SOCIETY  FOR  TRAINING  &  DEVELOPMENT.  ALEXANDRIA.  VA..  2003 


BIGGEST 

SPENDERS 

INDUSTRIES’  PER-EMPLOYEE 
TRAINING  EXPENDITURES 

Transportation, 
pipelines  and 
utilities 

$1,143 

Finance, 
insurance  and 
real  estate 

$1,056 

Technology 

$1,003 

Manufacturing 

(nondurables) 

$927 

Si 


SOURCE:  AMERICAN  SOCIETY  FOR 
TRAINING  &  DEVELOPMENT.  2003 


Best  Practices: 

A  Cheat  Sheet 
For  IT  Managers 

■  Define  competencies  and  skills 
required  for  each  IT  job  description. 

■  Maintain  a  current  inventory 
of  skills. 

■Address  overall  career- 
development  issues  as  well  as 
skill-specific  training  issues. 

■  Perform  a  gap  analysis. 

■  Provide  employees  with  tools 
to  assess  their  own  skills/ 
development  needs. 

■  Use  a  single  portal  for  managers 
and  staff  to  access  all  information 
about  training  and  career 
development. 

SOURCE:  U.S.  GENERAL  ACCOUNTING 

OFFICE  REPORT  “INFORMATION  TECH¬ 
NOLOGY  TRAINING  PRACTICES  OF 

LEADING  PRIVATE-SECTOR  COMPA¬ 
NIES."  2003 
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Federal  Signal 
Picks  Craig  as  CIO 

Federal  Signal  Corp.  announced 
the  appointment  of  Alexander  D. 
Craig  to  the  newly  created  posi¬ 
tion  of  vice  president  and  CIO. 
Craig  previously  worked  at  Wil¬ 
liams  International  Co.,  where  he 
was  vice  president  for  business, 
strategy  and  IT.  Federal  Signal, 
based  in  Oak  Brook,  III.,  is  a  global 
manufacturer  of  vehicles  and  of 
safety  and  signaling  products. 


General  Motors 
Signs  With  Covisint 

Covisint,  a  subsidiary  of  Compu- 
ware  Corp.  in  Detroit,  announced 
that  General  Motors  Corp.  has 
agreed  to  use  Covisint  Connect. 
The  data  messaging  service  will 
support  traditional  EDI  as  well  as 
future  ebXML-based  communica¬ 
tions.  More  than  6,000  GM  sup¬ 
plier  manufacturing  locations  will 
migrate  to  Covisint  Connect.  The 
service  is  expected  to  reduce  the 
complexity  of  managing  multiple 
formats,  protocols  and  connec¬ 
tion  points. 


Stenbit  Named  to 
Cryptek  Board 

John  P.  Stenbit  has  been  appoint¬ 
ed  to  the  board  of  advisers  of 
Cryptek  Inc.,  a  Sterling,  Va.- 
based  provider  of  network  securi¬ 
ty  for  government  and  corporate 
information  assets.  Stenbit  is  for¬ 
mer  assistant  secretary  of  de¬ 
fense  for  networks  and  informa¬ 
tion  integration.  He  played  an  in¬ 
tegral  role  in  the  update  of  the 
Department  of  Defense’s  infor¬ 
mation  infrastructure. 


White  Joins  GTESS 
Board  of  Directors 

GTESS  Corp.,  a  Richardson, 
Texas-based  provider  of  business 
process  outsourcing  services  for 
the  health  care  industry,  has  ap¬ 
pointed  John  W.  White  to  its 
board  of  directors.  White  served 
as  vice  president  and  CIO  at  Com¬ 
paq  Computer  Corp. 


PAUL  GLEN 


What  We 
Have  to  Fear 


LATELY  I’VE  HAD  a  troubling  sense  that  there 
is  a  cancer  growing  in  IT  departments  these 
days.  No,  I’m  not  talking  about  constrained 
budgets,  poor  alignment,  hiring  freezes  or 
project  failures.  I’m  not  even  talking  about 
the  growth  of  outsourcing  and  offshoring.  While  these 
issues  are  all  real,  there  seems  to  be  something  even 
more  toxic  eating  away  at  our  industry. 

What  could  possibly  be  more  threatening  to  IT  staffs 
than  offshoring?  Fear  of  offshoring. 

This  faceless,  nameless  dark  terror  seems  to  be 
gnawing  away  at  the  morale  of  IT  professionals  every¬ 


where.  They  are  filled  with 
dread  that  they  are  wit¬ 
nessing  a  major  sea  change 
in  their  fortunes.  It  seems 
like  the  bursting  of  the  tech 
bubble  was  more  accept¬ 
able  and  less  threatening 
than  the  prospect  of  off¬ 
shoring.  Those  jobs  just 
went  away.  They  didn’t  go 
to  some  highly  skilled  engi¬ 
neers  half  a  world  away 
who  were  willing  to  work 
for  less  pay. 

I  wish  I  could  quote 
Franklin  Roosevelt  and 
suggest  that  “we  have  noth¬ 
ing  to  fear  but  fear  itself.” 

But  I  can’t.  I’m  not  going  to 
join  the  ITAA  and  the  pa¬ 
rade  of  economists  telling  us  that  off¬ 
shoring  is  good  for  us  (perhaps  collec¬ 
tively  and  only  in  the  long  run)  and 
that  we  should  welcome  it  with  open 
arms.  I’m  not  so  sure  about  that.  Al¬ 
though  management  consultants  like 
me  are  often  heard  chanting  the  “em¬ 
brace  change”  mantra,  I’m  not  sure 
that  I  want  to  snuggle  up  to  this  one. 

But  frankly,  whether  I  like  offshoring 
doesn’t  really  matter.  It’s  here,  and  it’s 
not  going  away.  Although  the  legal 


remedies  being  batted 
around  Washington  and 
various  state  capitals  may 
slow  the  trend,  no  one  can 
stop  the  relentless  march 
of  work  across  borders.  We 
created  IT  to  enhance  the 
efficiency  and  mobility  of 
labor,  and  it  seems  to  be 
working. 

But  the  natural  and  rea¬ 
sonable  fear  that  this  sort 
of  metamorphosis  brings 
seems  a  more  immediate 
threat  to  our  organizations 
than  the  change  itself. 

Even  though  some  esti¬ 
mates  suggest  that  as  many 
as  6%  to  20%  of  IT  jobs 
may  eventually  be  moved, 
a  relatively  small  percentage  is  direct¬ 
ly  affected  by  offshoring  today.  The 
fear  of  being  on  the  losing  end  of  this 
transformation  is  much  more  perva¬ 
sive  and  immediately  debilitating  than 
the  longer-term  threat. 

As  a  manager  of  a  technical  group, 
there  are  things  that  you  can  do  to 
help  alleviate  the  distractions  and  ten¬ 
sions  that  result  from  industry  trends 
like  this  that  are  largely  beyond  the 
control  of  any  of  us. 


PAUL  glen  is  an  IT  man¬ 
agement  consultant  in 
Los  Angeles  and  the  au¬ 
thor  of  the  award-winning 
book  Leading  Geeks: 
How  to  Manage  and  Lead 
the  People  Who  Deliver 
Technology  (Jossey-Bass 
Pfeiffer,  2003; 
www.leadinggeeks.com). 
He  can  be  reached  at 


Address  the  issue  openly.  Once  a  con¬ 
cern  has  entered  the  consciousness  of 
a  group,  ignoring  it  won’t  make  it  go 
away.  The  fear  of  the  unspoken  is 
much  more  intense  than  the  fear  of  an 
issue  openly  discussed.  If  you’re  going 
to  experiment  with  offshoring,  explain 
the  purpose  of  the  experiment.  If  you 
are  going  to  do  a  major  project,  explain 
the  boundaries  around  the  project. 
Otherwise,  the  rumor  mill  becomes  an 
echo  chamber,  and  the  scenarios 
played  out  there  are  probably  much 
more  imaginative  and  damaging  than 
anything  that  might  actually  happen. 

Plan  for  the  future.  A  group  without  a 
clear  understanding  of  its  future 
imagines  that  it  has  none.  Even  if 
you’re  not  sure  what  the  future  will 
bring,  plan  for  what  you  can  foresee. 

If  you  can’t  foresee  much,  develop  a 
scenario  and  go  with  that.  All  plans 
are  provisional  and  can  be  changed, 
but  the  disquiet  of  indecision  can  last 
a  very  long  time. 

Work  for  the  future.  A  while  back,  I  was 
asked  to  take  over  a  group  of  IT  pro¬ 
fessionals  who  had  suffered  a  major 
leadership  defection.  I  was  constantly 
being  asked,  “Are  we  going  to  shut 
down  this  office?”  I  didn’t  really  know, 
but  I  was  sure  that  if  people  kept  quit¬ 
ting  at  the  current  pace,  it  was  much 
more  likely.  So  we  all  went  to  work  re¬ 
cruiting  new  staffers  to  replace  those 
who  had  left.  Once  they  were  involved 
in  this  optimistic  work,  the  questions 
and  resignations  stopped. 

When  it  comes  to  offshoring,  there 
may  be  nothing  we  can  do  to  slow  its 
progress.  But  if  we  let  our  fear  of  it 
diminish  our  productivity,  the  trend 
will  only  accelerate.  So  while  it  may 
not  be  the  only  thing,  one  of  the 
biggest  things  that  we  have  to  fear 
is  fear  itself.  ©  46097 
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Get  Rid  of  the  PC  Box 


The  PC  Box 


An  entire  PC  inside  a  keyboard 

OPTIONS: 

Internal  slim  CDRW/DVD  •  Internal  floppy  •  Internal  fax  modem  •  DVI  (Digital  Video) 
Parallel  Port  •  TV-Out  (NTSC/PAl)  •  Plastic  Skin  Protector  •  LCD  Displays:  15",  17", 

18"  and  19"  (touch  screen  available)  •  Wireless  802.11b/g  available 


Runs  all  Microsoft™  Windows  98/2K/XP/NT  operating  systems. 

U.  S.  Patent  Pending.  ©  2004,  Cybernet  Manufacturing,  Inc.  all  rights  reserved.  The 
Cybernet  logo  and  Zero-Footprint-PC  are  trademarks  of  Cybernet  Manufacturing,  Inc. 
Intel,  Intel  Inside,  Pentium,  Celeron  are  trademarks,  or  registered  trademarks  of  Intel 
Corporation,  or  its  subsidiaries  in  the  United  States  and  other  countries.  All  other  regis¬ 
tered  trademarks  are  property  of  their  respective  owners.  Prices  and  specifications  are 
subject  to  change  without  notice.  All  prices  are  excluding  tax  and  shipping.  ‘Monitor 
not  included. 


As  an  I.T.  Manager,  your  greatest  challenge  could 
be  where  to  put  that  big  PC  BOX!  Cybernet  has 
created  an  innovative,  all-in-one,  Zero-Footprint-PC. 
The  entire  PC  fits  inside  a  normal  size  keyboard! 
This  design  has  helped  many  businesses  nationwide 
to  save  valuable  space. 

I i 


STANDARD  FEATURES: 

•  Intel®  Pentium®  4  Processor  up  to  2.80GHz/533  FSB 

•  128MB  DDR333  SDRAM  up  to  2GB 

•  40GB  IDE  7200  RPM  hard  drive,  up  to  any  size 

•  10/100  Ethernet,  4  USB  2.0,  2  IEEE1394  Firewire,  2  Serial  Ports 

•  2-Year  Limited  Warranty 

All  these  features  are  inside  the  keyboard! 


As  low  as 


$475 


T 


Space  Saving  Technology 


For  produd  specs  and  model  options  visit  us  at:  WWW.CybsrnfitrnSn.COHI} 

or  call:  TOLL  FREE  888-8344577  International  949477-0300 
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IT  Careers  in  Security/Defense 


With  pronouncements  of  hiring  tens  of  thousands 
of  employees,  it  becomes  clear  that  the 
government  agencies  and  corporations  working  in 
support  of  security  and  defense  offer  some  of  the  best 
opportunities  for  information  technology 
professionals.  The  "gotcha"  is  whether  you  have  or 
can  qualify  for  a  security  clearance. 


The  focus,  in  terms  of  security  and  defense,  is  on 
converging  data,  making  it  available  to  multiple 
users,  and  mining  the  data  for 
intelligence/knowledge.  While  the  U.S.  Armed 
Forces  are  among  the  heaviest  of  recruiters,  the 
Transportation  Security  Administration  is  under 


pressure  too.  Currently,  TSA  is  funded  for  729  staff 
information  technology  positions;  just  over  270  of 
them  have  been  filled.  The  2005  budget  calls  for  more 
full-time  IT  professionals.  In  testimony  before 
Congress,  Lt.  Gen.  Frank  Libuttle,  TSA’s  interim 
director,  said  his  group  will  hire  40  people  per  month 
to  fill  the  slots.  In  addition,  the  TSA  budget 
documents  indicate  the  agency  is  relying  heavily  on 
universities,  national  laboratories  and  companies  to 
"push  the  scientific  envelope"  to  deliver  information 
sharing,  infrastructure  protection  and  new 
technologies  and  tools. 

Northrop  Grumman,  in  looking  forward,  continues  to 
predict  strong  hiring,  including  the  Northrop 
Grumman  Information  Technology  unit.  The 
corporation  as  an  entity  hired  18,000  employees  in 
2003,  the  majority  in  this  unit.  Most  recently,  the  unit 
received  a  $337  million  task  order  for  the  Department 
of  Flomeland  Security's  secure  data  network.  The 
company  is  teaming  with  Information  Builders  to 
identify  and  pursue  three  national  security  activities  - 
bioterrorism/syndromic  analysis,  identification  and 
authentication  solutions,  and  law  enforcement  data 
integration.  The  company's  current  careers  listings 
range  from  human  intelligence  operations  specialist 
to  data  warehousing,  software  development  to 
JAVA  specialists. 


Lockheed  Martin,  which  was  a  lead  in  airport  security 
initiatives  two  years  ago,  continues  to  predict  strong 
hiring  in  the  next  three  years  -  conservatively 
estimated  at  10,000  replacement  and  new  workers 
every  year.  According  to  Tom  Greer  at  Lockheed 
Martin  Corporation,  a  large  number  of  these  jobs  will 
be  in  the  mid-Atlantic  region  and  tied  to  new  and 
existing  security  and  defense  contracts.  Currently,  the 
company  employs  more  than  30,000  IT  professionals 
and  has  1 3  business  units  rated  at  Levels  4  and  5  for 
software  engineering  maturity.  Greer  said  the  hiring 
will  include  software  developers/engineers,  system 
analysts,  network  engineers,  programmers,  systems 
integration  analysts  and  data  administrators.  About 
one-third  of  the  new  hires  will  require  security 
clearances. 

Other  companies  among  the  biggies  claiming  security 
and  defense  contracts  include  Unisys,  Boeing, 
Raytheon,  SAIC,  Oracle  and  IBM. 


For  more  information  about  IT  Careers 

advertising,  please  contact:  Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01701 

Produced  by  Carole  R.  Hedden 


"DIVERSITY  IN  PRODUCTS,  SERVICES  AND  PEOPLE" 

THE  SOCIAL  SECURITY  ADMINISTRATION  IN  WOODLAWN,  MARYLAND 
is  seeking  highly  motivated  IT  Professionals  for  the  following  types  of  positions: 

♦  Mainframe  Developers  (COBOL,  CICS) 

♦  Internet  Developers  (Java,  WebSphere,  CGI) 

♦  Database  Administrators  (DB2,  IDMS,  Oracle) 

♦  Systems  Operation  Analysts  (SUN/UNIX,  JCL,  TSO/ISPF,  z/OS,  Control  M) 

COME  JOIN  OUR  WINNING  TEAM! 

WE  OFFER: 


COMPETITIVE  SALARIES  -  RANGE:  $52,963-$85,867 
A  COMPREHENSIVE  BENEFITS  PACKAGE  INCLUDING: 

•  RETIREMENT  SAVINGS  INVESTMENT  PLAN 

•  HEALTH,  LIFE  AND  LONG  TERM  INSURANCE  FOR  SELF  AND  FAMILY 
PAID  VACATION,  SICK  LEAVE  AND  10  PAID  HOLIDAYS 
PAID  OVERTIME  AND  ONGOING  TECHNICAL  TRAINING 
FLEXIBLE  WORK  SCHEDULES. 


ALL  OF  THIS  AND  A  POSITIVE,  CASUAL  WORK  ENVIRONMENT! 

To  apply  go  to  USAJOBS  at:  http://iobsearch.usaiobs.QDm.gov/  and  select 
the  Social  Security  Administration.  Must  be  a  United  States  citizen  to  apply. 

A* 


www.socialsecurity.gov 

EOE/ADA 


The  way  we  see  it,  challenges  are  just  opportunities  in  disguise.  At  Northrop 

Grumman  Mission  Systems  we're  eager  to  push  our  defense  capabilities  years  into 
the  future.  If  you  have  the  experience,  drive,  and  a  security  clearance  we  encourage 
you  to  visit  our  website  to  learn  more  about  the  following  opportunities: 

•  Systems  Engineers  •  Military  Trainers 

•  Software  Engineers  •  Linguists 

•  Intelligence  Analysts 

Compensation  and  benefits  are  highly  competitive.  Please  visit  our  website  at: 
www.ms.northropgrumman.com/careers.  U.S.  Citizenship  is  required  for  most 
positions.  An  Equal  Opportunity  Employer  M/F/D/V. 


NORTHROP  GRUMMAN  D 


EFINING  THE  FUTURE" 


Mission  Systems 


www.ms.northropgrumman.com/careers 

©2004  Northrop  Grumman  Corporation 


RAPIDLY  CHANGING  CONDITIONS 

HAVE  ALWAYS  BEEN  OUR  SPECIALTY. 
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enterprise  integration 
network  vulnerabilities 
corporate  data  security 
government  compliance 
mobile  &  wireless  security 
business  management  needs 


The  right  IT  professional 
can  jump  the  hurdles  of 
today’s  IT  challenges. 


Call: 

(800)  762-2977 


SENIOR  TECHNICAL  TRAIN¬ 
ER:  Will  provide  product  training 
for  Brooks  -  PRI  semiconductor 
handling,  software  and  hard¬ 
ware  systems.  Will  design  and 
develop  course  materials,  certifi¬ 
cation  tests,  and  instruction 
plans  for  classroom  training.  Will 
train  clients,  including  OEM's 
and  end  users,  as  well  as  com¬ 
pany  employees.  Will  develop 
online  training  courses  and 
audiovisual  training  tools.  Will 
supervise  junior  Technical  Train¬ 
ers.  Will  provide  emergency  field 
and  personnel  service  support 
assisting  Technical  Support 
Engineers.  Requirements:  B.S ./ 
B.A.  in  CS,  Electronics  or  Elec¬ 
trical  Engineering  or  related  field 
and  two  (2)  years  of  experience 
in  the  job  offered  or  two  (2) 
years  experience  in  the  related 
occupation  of  Technical  Support 
or  Network  Administration.  Also, 
demonstrated  expertise  in  sup¬ 
porting  or  working  with  semicon¬ 
ductor  handling  systems  hard¬ 
ware  as  well  as  control  system 
hardware  and  software.  Demon¬ 
strated  experience  providing 
training  and  technical  or  field 
support  for  internal  and  external 
customers.  Offered  salary  is 
$71, 250/year  for  full-time  em¬ 
ployment  (min.  40  hours  per 
week)  and  standard  company 
benefits.  EEO.  Submit  2  resum¬ 
es  and  respond  to  Case  No. 
200204239,  Division  of  Career 
Services,  Labor  Certification 
Unit,  19  Staniford  Street,  1st 
Floor,  Boston,  MA  02114. 


Programmer  Analyst.  Sought  by 
Englewood  Colorado  consulting 
company  to  work  in  various 
unanticipated  locations  through¬ 
out  the  U.S.  To  work  in  various 
unanticipated  locations  through¬ 
out  the  U.S.  Duties:  Under  direct 
supervision,  convert  project  spe¬ 
cifications  and  statements  of 
problems  and  procedures  into 
detailed  logical  flow  charts  for 
coding  into  computer  language. 
Develop  and  write  computer 
programs  to  store,  locate  and 
retrieve  specific  documents, 
data,  and  information.  Program 
web  sites.  Use  of  AS/400,  Java, 
RPG-IV,  CL-400.  Reqs.  Bachel¬ 
or  or  equivalent  in  Computer 
Science,  Computer  Engineering 
or  related  degree.  Plus  1  year  in 
the  job  offered  or  1  year  in  a 
related  occupation,  including 
Programmer,  Consultant  or 
Systems  Analyst.  $60, 000/year, 
40/hrs/wk,  8AM-5PM.  Respond 
by  resume  to  WORKFORCE 
DEVELOPMENT  PROGRAMS, 
PO  Box  46547,  Denver,  CO 
80202,  and  refer  to  Job  Order 
No.  CO5075223. 


BCC  USA  Inc,  Portland,  Maine 
needs  experienced  Database 
Administrators  having  a  Bach¬ 
elors  degree  or  equivalent 
with  minimum  two  years  of 
progressive  work  experience 
in  Sybase,  Oracle  and  MS- 
SQL-Server  database  installa¬ 
tion,  administration,  design, 
development  and  support. 
Knowledge  of  UNIX  and  Erwin 
is  a  plus.  Competitive  salary 
and  benefits.  M-F,  40  hours/ 
week.  Please  mail  your  res¬ 
ume  to  BCC  USA  Inc.,  HR 
Department,  480  Congress 
Street,  Portland,  ME  04101. 


Loan  Pricing  Corporation  has 
openings  for  Software  Engin¬ 
eers  in  its  NY  headquarters. 
Min  reqs  incl  Bach  in  Comp  Sci. 
Duties:  Research,  analyze, 
dsgn,  dvlp,  test  &  implmt 
s/ware  &  bus  applies  using 
PowerBuilder,  C,  C++,  Net¬ 
scape  LiveWire,  JavaScript, 
Java,  J2EE,  EJB,  iPlanet 
Webserver,  Oracle,  Sybase, 
MS  Visual  Cafe  IDE  &  JBuilder 
IDE  on  Win  &  Solaris.  Must 
have  legal  auth  to  work  in  US. 
Excellent  pay  &  benefits.  Send 
resume  w/proof  of  work  status 
to:  mfs@loanpricing.com. 


IT  PROFESSIONALS 

Manager,  Customer  Relation¬ 
ship  Management  (CRM)  (Glen 
Mills,  Pennsylvania  and  other 
locations  through  the  U.S.).  Re¬ 
view,  validate  analysis  &  devel¬ 
op  recommendations  to  clients 
with  respect  to  the  gathering, 
planning  &  scope  of  various  pro¬ 
jects  using  Siebel  tools.  Evalu¬ 
ate  &  select  approaches  &  strat¬ 
egies  with  respect  to  client  re¬ 
quirements  for  defining  technical 
architecture  and  preparing  user 
acceptance  test  plans  &  design¬ 
ing  &  assessing  technical  solu¬ 
tions.  Assess  implication  of 
changes  in  scope  of  projects. 
Communicate  to  client  regarding 
engagement  status,  progress  & 
impact  to  the  business.  Estab¬ 
lish  deliverable  structure  &  con¬ 
tent  &  review  deliverables  to  en¬ 
sure  client  expectations  are  met. 
Participate  in  the  development  & 
sharing  of  market  valued  intel¬ 
lectual  capital  including  best 
practices.  Identify  potential 
methodology  enhancements  & 
ensure  engagement  teams  are 
proficient  in  the  use  of  various 
Siebel  technologies  and  Data¬ 
warehousing  tools  (Informatica 
Powermart)  as  well  as  ERP 
applications  including  People- 
soft.  Select,  customize  &  lead 
applications  of  Siebel  tools  and 
methodologies  to  meet  propos¬ 
als  &  engagement  needs. 

WAGE:  $1 01,000/year.  Hours 
worked:  Monday-Friday  9:00am- 
5:00pm.  MINIMUM  REQUIRE¬ 
MENTS:  Bachelor's  degree  or 
equivalent  in  Computer  Science, 
Engineering  (any  type),  Math, 
Business  Administration  or  Infor¬ 
mation  Systems  +  3  years  exp. 
in  the  job  offered  or  3  years  exp 
as  a  Senior  Consultant,  Consult¬ 
ant,  or  Manager.  Related  experi¬ 
ence  must  include  identifying 
changes  in  the  scope  of  projects 
involving  design  and  assess¬ 
ment  of  technical  solutions  using 
various  Siebel  and  Dataware¬ 
housing  tools  and  Peoplesoft 
Employer  will  accept  5  years  of 
professional  experience  in  the  IT 
industry  in  lieu  of  a  Bachelor’s 
Degree. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number 
WEB411838  to  the:  Philadelphia 
NW  Careerlink,  FLC  Unit,  235 
W.  Chelten  Ave.,  Philadelphia, 
PA  19144.  EOE. 


PROG  ANALYST  - 
APPLNS  BUILD 

Dvlp  customized  applns  for  a 
single  consolidated  build  for  all 
Windows  Service,  ASP  & 
ASP.net  files  for  fin.  institutions. 
Config.  &  create  installation 
docs  to  client  framework  specs. 
Create  directories  &  perform 
white  &  black  box  testing.  BS 
degree  in  Comp.  Sci.,  Engnrg, 
Program.;  Electrical  or  Electron¬ 
ics  Engnrg  (or  equiv.  in  educ.  & 
exp.)  +  3  yrs  exp.  in  job  offered 
or  in  Software  Engnrg  for  Applns 
Build  reqd.  Must  know  KON- 
DOR,  NAnt,  Concurrent  Vers¬ 
ions  Systems,  XML  Database 
Migration  Engine,  ASP.net, 
J2EE  &  financial  industry  exp. 
High  mobility  preferred.  40 
hrs/wk,  OT  as  reqd,  8  am  -  5  pm, 
$66,730/yr.  Qualified  applicants 
please  submit  resumes  to 
Manager,  Butler  County  Career- 
Link,  Pullman  Commerce  Cen¬ 
ter,  112  Hollywood  Drive,  Suite 
101,  Butler,  PA  16001-5699. 
Please  refer  to  Job  Order  No. 
411805. 


Technical  Support  Specialist. 

Test  new  products  with  the  prin¬ 
cipal  and  techniques  of  electrical 
engineering.  Direct  and  coordi¬ 
nate  operation,  maintenance, 
and  repair  of  equipment.  Sup¬ 
port  engineering  personnel  in 
fabrication  of  test  control  appa¬ 
ratus  and  equipment  and  deter¬ 
mine  methods,  procedures,  and 
conditions  for  products  related  to 
laser  printers  and  copiers.  Req. 
BS  or  equivalent  in  Electrical 
Engineering  with  proficiency  in 
plastic  injection  molding  technol¬ 
ogy  and  molding  design.  40 
hr/wk;  9-6.  ‘Send  resume  to 
Partsmart  Corp.  at  2870  N. 
Berkeley  Lake  Rd.,  NW,  Suite  5, 
Duluth,  GA  30096. 


DIRECTOR  OF  IT 

(HOLLYWOOD,  FLORIDA). 

RESPONSIBILITIES: 

Installation,  configuration,  and 
support  of  routers,  hubs,  and 
switches; 

Administration/proactive  main¬ 
tenance  on  the  network  and  ser¬ 
vers  of  a  200+  node  LAN/WAN; 

Management  of  external  serv¬ 
ice  providers  and  internal  staff  to 
provide  a  high  level  of  customer 
service  to  achieve  targeted,  pre¬ 
determined  service  levels; 

•  Responsible  for  assessing  re¬ 
quirements  and  providing  intelli¬ 
gence  to  the  IT  organization 
regarding  business  trends  and 
management  needs  and  con¬ 
cerns,  while  at  the  same  time 
educating,  sensitizing,  and  man¬ 
aging  the  expectations  of  the 
business  units  with  the  realities, 
challenges,  and  fundamentals  of 
IT; 

Development  and  service  the 
ongoing  partnership  with  internal 
customers/departments  main¬ 
taining  in-depth  knowledge  of 
business  operations; 

Development  and  execution  of 
IT  business  strategies,  informa¬ 
tion  requirements,  and  priorities; 

Driving  initial  customer  needs 
analyses; 

Ensuring  customer  requests 
are  compatible  with  technical 
direction; 

Prioritizing  needs  enterprise¬ 
wide,  and  participating  with  cus¬ 
tomers  in  the  development  of 
short  and  long  term  system 
plans; 

Using  established  practices 
and  procedures,  including  infra¬ 
structure  hardware/software 
standards; 

Evaluating  training  needs  and 
providing  career  development 
and  technical  guidelines  for 
staff;  researching  and  analyzing 
new  technologies  with  an  eye  to 
improving  company  processes. 

REQUIREMENTS: 

Bachelor  Degree  or  equivalent 
in  Computer  Science  or  Informa¬ 
tion  Systems.  Must  also  have 
four  years  experience  in  the 
areas  of  network  engineering 
design,  IT  support,  and  supervi¬ 
sion  and  management  of  IT  per¬ 
sonnel. 

SUBMLTRESUMETQ: 

Joseph  C.  Neff.  General 
Manager  Teleplan,  (successor 
to:  A  Novo  Broadband  Inc.),  96 
Quigley  Boulevard,  New  Castle, 
Delaware  19720. 


Senior  Oracle  Database  Admin¬ 
istrator:  For  staffing  firm,  man¬ 
age  24x7  Oracle  8i/9i  production 
systems  on  Solaris  platform;  de¬ 
velop  &  maintain  disaster  recov¬ 
ery  plans  &  security  policies  & 
procedures;  tune  Oracle  &  ad¬ 
minister  Solaris  platform;  write 
SQL,  PL/SQL,  Ksh  &  Perl  scripts 
to  administer  system  &  database 
activities.  Req's:  Bachelor's  or 
equivalent  in  Comp  Sci,  Engin¬ 
eering  or  related  field.  5  yrs  exp 
in  job  offered.  Proficiency  in 
RMAN,  Netbackup,  StatsPack, 
TraceAnalyzer,  Advanced  Queu¬ 
ing,  Advanced  Replication,  Parti¬ 
tioning,  Unix  (Solaris  &  HP-UX) 
administration  (NIS,  NTP  & 
SSH),  DiskSuite  &  Raid  Manag¬ 
er  w/  A1000  &  D1000  storage 
units,  Gnu  tools  (Samba,  Orca, 
Cricket,  SeToolkit,  Gnats),  Nokia 
OSS  system  administration, 
Citrix  server  farms  on  Win2k 
servers,  Oracle9iAs  administra¬ 
tion  &  data  warehousing.  Must 
be  certified  in  Oracle  DBA  & 
Solaris  administration.  40hrs/wk. 
Send  res.  to  box  E-1,  P.O.  Box 
17182,  Phila.,  PA  19105. 


EVP  Customer  Relationship 
Management.  Oversee  project 
implementation  at  client  sites, 
manage  pre-sales  activities 
with  potential  clients,  &  design 
software  &  data  architecture. 
Involves  development  of  mar¬ 
keting  requirements  &  specifi¬ 
cations  for  clients,  people 
management,  training,  tutoring 
&  mentoring.  Req.  prior  exp.  as 
an  IT  manager  using  Quali- 
Ware  software  &  prior  exp.  w / 
IT  project  &  personnel  mgmt., 
database  architecture  &  data 
warehouse  systems  incl.  Orac¬ 
le.  Fax  or  email  resume/cover 
Itr.  To  Dimension  Initiatives 
Group,  914-934-1004,  resume 
@dig-d.com. 


IT  PROFESSIONALS 
Consultant 

(Glen  Mills,  Pennsylvania  and 
other  locations  through  the 
U.S.).  Responsible  for  Siebel 
7.0  CRM  (Customer  Relation¬ 
ship  Management)  infrastruc¬ 
ture/architecture  and  implemen¬ 
tation  of  CRM  Data  Warehous¬ 
es.  Involved  in  architecture, 
infrastructure,  data  conversion 
and  interfaces  for  CRM  and 
CRM-related  data  warehousing 
implementations.  Deploy  and 
support  infrastructure  including 
Siebel  Call  Center,  Oracle, 
Actuate,  Brio  and  Informatica. 
Configure  architecture  compo¬ 
nents  including  IIS  (Internet 
Information  Services)  or  Apache 
web  servers,  Resonate  load  bal¬ 
ancers,  Actuate  or  Brio  reporting 
servers,  Siebel  server  compo¬ 
nents,  Oracle  databases,  mid¬ 
dleware  (TIBCO  adapters), 
application  interfaces,  workflow 
and  automation  tools  such  as 
AutoSys  and  data  warehousing 
components.  Engage  in  the 
design  and  development  of  data 
warehouse  reports  (using  Brio/ 
Actuate),  star  schemas,  dimen¬ 
sions,  facts,  slowly  changing  di¬ 
mensions  and  aggregate  dimen¬ 
sions  to  develop  real-time  and 
near  real-time  reporting  capabil¬ 
ities  in  the  areas  of  case  man¬ 
agement,  call  center  operations, 
sales  and  troubleshooting  for 
clients.  Responsible  for  the  de¬ 
velopment  of  ETL  (Informatica) 
mappings  to  extract  data  from 
CRM  and  operational  systems 
to  OLAP  (Online  Analytical  Pro¬ 
cessing)  and  enterprise  data 
warehouses  to  meet  the  analyti¬ 
cal  reporting  needs  of  clients. 
$74,751.70  per  year.  Monday- 
Friday,  9:00  am  to  5:00  pm. 

The  minimum  requirements  are 
as  follows:  Bachelor's  degree  in 
Computer  Science,  Math,  In-for¬ 
mation  Systems,  Engineering 
(any),  or  Business  +  2  years  of 
experience  in  the  job  offered  or 
2  years  of  experience  as  a 
Consultant,  Systems  Analyst  or 
Summer  Intern.  Related  experi¬ 
ence  must  include  Siebel  7.0 
CRM  (Customer  Relationship 
Management),  TIBCO  Middle¬ 
ware  Technologies,  OLAP  (On¬ 
line  Analytical  Processing),  ETL 
(Extract,  Transform,  and  Load) 
tools  including  Informatica,  and 
Brio  Reporting  Tool. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number  WEB- 
413848  to  the:  PA  Careerlink, 
FLC  Unit,  235  W.  Chelten  Aven¬ 
ue,  Philadelphia,  PA  19144. 
EOE. 


Sr.  Consultant.  We  are  seeking 
qualified  candidate(s)  to  analyze 
&  review  clients’  requirements  to 
plan  data  processing  systems 
and  network  operating  systems. 
Plan  layouts  and  the  installation 
of  new  network  systems  for 
small  businesses.  Design,  de¬ 
velop,  evaluate  and  implement 
techniques  for  software  pro¬ 
grams.  Manage  LAN  &  WAN 
stations  covering  upgrades  and 
all  computer  technical  work 
including  TCP/IP,  e-mail,  data¬ 
base  servers  &  Firewalls.  Reqd: 
Bachelor’s  degree  in  Computer 
Science,  Math  or  Engineering, 
MCSE  and  2  years  related  expe¬ 
rience.  Please  send  resume  to 
All  Covered,  Inc.  275  Grove 
Street,  Suite  2-400,  Newton,  MA 
02466  or  fax  to  617-556-0250 
Attn:  Director  CS  or  e-mail  to 
mhartman@allcovered.com.  No 
calls,  please.  EOE 


Application  Architect  for  design 
and  support  of  the  Core  Lan 
Event  Mgmt.  system  utilizing 
sophisticated  analysis,  design 
and  programming  technologies 
including  Domino,  Web  sphere, 
Oracle,  Unix,  C/C++,  Java,  Java 
Script,  Visual  Basic,  DHTML, 
SQL,  XML  and  PC  operating 
systems.  Fulltime  (M-F)  position 
in  Boca  Raton  pays  market  level 
salary.  Applicants  with  a  Bach¬ 
elor's  degree  in  Computer  Sci¬ 
ence/Computer  Engineering/ 
Informatics  Engineering  +  2 
years  experience  in  applications 
development  field,  send  resume 
only  to  CEO,  Core  Lan  Corp, 
10916  Ravel  Ct,  Suite  101,  Boca 
Raton,  FL  33498. 
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Computer  Professionals 

(Multiple  Openings) 

ePace  Technologies,  Inc.  a 
worldwide  provider  of  software 
solutions  seeks  motivated  IT 
professionals  specializing  in 
Software  Engineering,  Systems 
Analysis,  Database  Administra¬ 
tion  and/or  Network  Administrat¬ 
or.  Successful  candidates  must 
have  a  Bachelors  degree  in 
Computer  Science,  Math,  Engin¬ 
eering,  Business,  or  related  dis¬ 
cipline  (or  equivalent  and  experi¬ 
ence)  in  the  following  skills: 
C/C++,  Java,  Web  Methods, 
Cold  Fusion,  Microsoft  Technol¬ 
ogies  (Visual  Basic,  NET,  ASP) 
CRM  (Siebel,  Clarify,  Vantive), 
Middle  Ware  Technologies 
(Orbix,  Corba,  Tibco,  Vitria)  Data 
Ware  Housing  Tools  (Informati¬ 
cs,  Data  Stage,  Abinitio,  Bus¬ 
iness  Objects,  Cognos,  Micro 
Strategy,  Brio)  ERP  (SAP, 
People  Soft,  Oracle  Apps, 
Baan),  Mainframe  (Cobol,  CICS, 
JCL,  VSAM)  AS400,  Ecom- 
merce,  Databases  (SQL  Server/ 
Oracle/DB2/Sybase),  Microsoft 
Windows(95/98/NT/2000,Excha 
nge),  UNIX  (Sun  Solaris,  HP, 
AIX),  Linux  and  QA  (Win  Run¬ 
ner,  Load  Runner,  Silk,  Quick- 
pro,  Manual  Testing). Must  be 
willing  to  travel  and/or  relocate 
to  unanticipated  locations  in  the 
United  States.  If  interested, 
please  mail  your  resume  to: 

Human  Resource  Director 
ePace  Technologies  Inc. 

3124  Old  Faithful  Road 
Suite  10 

Cheyenne,  WY  82003 


PROG.- ANALYST 

Direct  &  implement  bus.  com¬ 
puter  &  Info.  Tech,  solutions. 
Analyze,  define,  dsgn  &  dvlp 
sys.  implmntns  &  upgrades  for 
clients.  Perform  sys.  analysis  & 
mgmt.  Provide  on-going  analyti¬ 
cal  &  prog,  support.  Report  pro¬ 
ject  status/progress  to  mgrs  & 
execs.  Interact  w/clients  to 
understand  bus.  drivers  &  pro¬ 
vide  leadership  on  the  use  of 
technology  to  address  their 
needs.  Assoc,  degree  in  Comp. 
Sci.  +  2  yrs  of  exp.  in  job  offered 
or  as  a  Comp.  Prog,  or  Sys. 
Analyst  reqd.  Must  have  exp. 
dsgng  &  maintaining  comp, 
applns  &  sys.  utilizing  AS/400, 
RPG,  SQL  and  CL.  High  mobility 
preferred.  40  hrs/wk,  OT  as 
reqd,  8am  -  5pm,  $66, 533/year. 
Qualified  applicants  please  sub¬ 
mit  resume  to  Manager,  Butler 
County  CareerLink,  Pullman 
Commerce  Center,  112  Holly¬ 
wood  Drive,  Suite  101,  Butler, 
PA  16001-5699.  Please  refer  to 
Job  Order  No.  WEB  412225. 


Network  Engineer,  Hamden,  CT 
-  sought  by  IT/S/ware  Co.  to 
dsgn,  configure  &  dvlp  networks. 
Integrate  diff.  server  platforms, 
test  &  ensure  operating  efficien¬ 
cy.  Must  have  Bach,  Deg  in 
Comp.  Sci  &  2  yrs  exp  in  job 
offd  or  2  yrs  exp  as  Sr  N/wrk 
Engr  or  Sys  Mgr  or  Admin.  In 
lieu  of  Bach  Deg  &  2yrs  exp  will 
accept  4  yrs  exp  as  Sr  N/wrk 
Engr  and/or  Sys  Mgr  or  Admin. 
Spvse  1.  Must  be  ced'd  in 
Windows  2000  Srver,  Exchange 
2000  Srver  &  Windows  2000 
Professional.  Send  resumes  to: 
VP,  SNP  Technologies,  Inc., 
1890  Dixwell  Ave„  #205, 
Hamden,  CT  06514 


Prog/Analysts  to  analyze,  de¬ 
sign,  implement  appls  using 
C,  C++,  VC++,  Socket  Pro¬ 
gramming,  Shell  Scripting, 
TCP/IP,  Rational  Rose,  Clear 
Case,  etc.  under  Windows, 
Unix  and  VxWorks;  perform 
testing,  debugging,  documen¬ 
tation  of  appls;  maintain  and 
support  existing  appls.  Re¬ 
quire:  B.S.  or  foreign  equiv.  in 
CS/Engg.  (any  branch)  &  2 
yrs  exp.  in  IT.  Travel  involved. 
F/T.  Comp,  salary.  Resumes 
to:  HR,  Ciphertrust,  Inc.,  4800 
North  Point  Parkway,  Ste  400, 
Alpharetta,  GA  30022. 


Dictaphone  Corp.  looking  for 
Principle  Engineer  for  our  Strat¬ 
ford,  CT  office.  Must  have  M.Sc. 
degree  in  Comp.  Sc.  or  related 
field  &  5  yrs.  of  exper.  dvlping. 
telecom.  &  web-based  embed¬ 
ded  prods.,  incl.  at  least  3  yrs.  of 
exper.  dvlping.  call  recording 
systs.  on  QNX  platform,  as  well 
as  exper.  dvlping.  network  par¬ 
sers,  network  device  drivers, 
packet  filtering.  &  packet  sniff¬ 
ing,  &  programming  w/  C/C++. 
Please  send  resume  to  HR 
Dept.,  Dictaphone  Corp.,  3191 
Broadbridge  Avenue,  Stratford, 
CT  06614.  AD  CODE  -  JP. 


Programmers  &  Software  Engin¬ 
eers  (Chicago,  IL  &  Atlanta,  GA): 
Analyze,  design,  develop,  test  & 
implement  specialized  apps.  in 
(a)  WebMethods  Oracle  Apps 
11i,  Siebel,  JD  Edwards,  Clarify 
&  rel.  tools;  (b)  HIPAA,  Telecom, 
Banking  Apps.  in  Mainframe  / 
Oracle,  Java,  SQL  Server  and 
rel.  tech.;  (c)  Ariba  Buyer  / 
ORMS,  SAP,  JD  Edwards,  Main¬ 
frame  /  Mid-Range,  Java  Suite  & 
rel.  tools;  (d)  Java  Suite,  Ration¬ 
al  Rose,  MQ  Series,  WebLogic, 
Jakarta  Digester,  UNIX  Scripts, 
WebSphere,  DB2,  LDAP  Server 
&  rel.  tools,  on  Windows  /  Unix  / 
Sun  Solaris.  Send  resume  to, 
HR,  906  Lacey  Ave.,  Suite  # 
200,  Lisle,  IL  60536.  EOE. 


Business  Systems  Analyst, 
NH  IT  firm.  Req  Bachelor's 
deg.  in  Eng,  Comp  Sci  ,  pre¬ 
pare  project  proposals  that 
incl.  techlogy  evaluation,  cost 
estimations  &  risk  analysis  w/2 
yrs  of  exp.  Skilled  in  Microsoft 
project  and  MS  Excel.  Knowl. 
of  excel  add  on  risk  assess¬ 
ment  appli'ns  like  @Risk  is 
highly  desirable.  Apply  with  12 
copies  of  resume  to  HRD  to 
Worldwide  Information  Tech¬ 
nology  Services,  155  Fleet 
Street  Portsmouth,  New 
Hampshire  -  03801. 


Programmer:  design,  devel¬ 
op,  configure,  code,  and 
implement  computer  pro¬ 
grams;  maintain  and  trou¬ 
bleshoot  Edge  internal/exter¬ 
nal  issues;  update  Edge 
design  and  functionality.  Req. 
MS  in  CS  or  MIS  with  profi¬ 
ciency  in  HTML,  ASP,  VB¬ 
Script,  JavaScript,  IIS,  SQL 
Server.  8-5,  40hr/wk.  Send 
resume  to  Titan  Management 
Group,  LLC  at  1136  Zion 
Church  Road,  Building  B, 
Suite  130,  P.O.  Box  879, 
Braselton,  GA  30517. 


Software  Engineers  needed  by 
Alpharetta  based  IT  Co  -  Bach¬ 
elors  degree  with  1-2  years  of 
experience  in  job.  Exp  in  Skill 
sets  incl:  C,  C++,  Java,  EJB, 
JSP,  Servlets,  XML,  UML,  4GL, 
XSTL,  TIBCO,  12,  Unix,  NT,  VB, 
ASP,  C#.  Net,  AS/400,  COBOL, 
DB2,  CICS.  JCL,  MVS,  VSAM, 
Embeded/Firmware,  Oracle, 
SQL,  Natural,  Clearcase  Admin, 
MQSeries,  WEB  Methods 
Vitria,  SAP,  Peoplesoft,  Infor- 
matica,  COGNOS,  Business 
Objects.  Send  resumes  to 
resumes@anisi.com.  Frequent 
travel  required. 


Computers  -  Programmer  An¬ 
alysts  needed.  Seeking  qual. 
candidates  possessing  MS  or 
equiv.  and/or  relevant  work  exp. 
Part  of  the  req.  relevant  exp. 
must  include  2  years  working 
with  VC++  and  1  year  working 
with  ASP  &  SQL  Server.  Exp. 
can  be  simultaneous.  Duties 
include:  Design,  develop  test 
and  maintain  software  applica¬ 
tions  including  middleware,  da¬ 
tabase  &  Internet  applications; 
Work  with  VC++,  ATL,  COM+, 
ASP,  SQL  Server.  XML/XSLT, 
MSMQ.  Mail  resume  &  ref.  to: 
Object  Solutions,  Inc.,  Attn:  HR, 
3025  Harbor  Lane,  #  312, 
Plymouth,  MN  55447-5119. 


Web-Database  Administrator/ 
Software  Engineer.  Seeking 
qualified  candidates  possess 
B.S  (Electronics  &  Communi¬ 
cation)  or  equivalent  with  related 
work  experience  of  3  to  5  years. 
M-F,  8AM-5PM.  Duties:  internet 
development,  ecommerce  appli¬ 
cations,  with  knowledge  of 
COM,  COM  +,  MTS,  IIS,  HTML, 
DHTML,  Java  Script,  Microsoft 
and  Sun  Technologies  with  data¬ 
bases  Oracle  8.1  &  MS  SQL 
Server  2000  and  MS-Access 
2000.  Please  send  resume  to 
Oxford  Affiliates  Inc.,  Attn:  Mr. 
Yakim  Lalani  4800  Texoma 
Pkwy,  Suite  202,  Sherman  TX, 
75090. 


Edify  Technologies,  Inc.  is  look¬ 
ing  for  Programmer  Analysts. 
Should  have  Bachelor's  degree 
in  Computer  Science,  Engineer¬ 
ing  or  related  field  with  2  years 
experience  in  C++,  Web  Ser¬ 
vices,  WML/  Perl/Shell  Scripts, 
XML,  cXML,  .NET  Remoting, 
RosettaNet,  Ant,  WebLogic, 
Siebel  EAI/EIM/Remote  Admin, 
Siebel  eScript/Email,  Clarify.  We 
accept  foreign  education  degree 
or  the  degree  equivalent  in  edu¬ 
cation  and  experience.  Send 
your  resume  to:  Edify  Technol¬ 
ogies,  Inc.  16614  Kingsbrook 
Dr.,  Crest  Hill,  IL-60435. 
e-mail:  resumes@edifytech.com 


Fast  Enterprises,  LLC  is 
seeking  Project  Managers  to 
direct  activities  surrounding 
implementation  and  installa¬ 
tion  of  COTS  solutions  for 
revenue  agencies  throughout 
the  U.S.  Interested,  degreed, 
experienced  professionals, 
please  respond  to: 

Project  Manager  Recruiting 
L.  Forest 

800  Park  Boulevard 
Suite  720 
Boise,  ID  83712 


Software  Engineers  needed. 
Seeking  candidates  possess¬ 
ing  BS/MS  or  equiv  and  rel 
work  exp.  Duties  include: 
Design  and  develop  software 
applications  and  work  with 
COBOL,  Java,  Oracle,  MVS, 
DB2  and  SQL.  Exp.  must 
include  2  years  working  with 
COBOL,  MVS  and  Oracle. 
Mail  resume,  refs  and  salary 
reqs  to:  Symbiosis  Inter¬ 
national,  3965  Okemos  Road, 
Suite  B2,  Okemos,  Ml  48864. 
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The  World  Of  Work  Is  Changing 
Every  Week. 


itcareers.com  is  now  powered 
by  CareerJournal.com! 

Search  for  jobs  and  post  your 
resume  here  on: 
www.itcareers.com 

or  call  (800)  762-2977 


Luckily,  We  Are  Too! 


TECHNICAL  LEAD.  Design,  dev¬ 
elop,  implement  software  apps 
from  requirements.  Prepare/ana¬ 
lyze  detailed  workflow  chart  & 
diagram  to  illustrate  sequence  of 
steps  program  must  follow  to 
describe  input,  output,  and  logi¬ 
cal  operations,  applying  knowl¬ 
edge  of  RUP  software  methodol¬ 
ogy  and  object-oriented  software 
design  processes.  Analyze,  re¬ 
view  and  rewrite  programs  to 
increase  operating  efficiency  or 
adapt  program  to  new  require¬ 
ments  using  Visual  Basic,  Visual 
C++,  and  ASP.  Compile/write 
documentation  of  program  dev. 
and  subsequent  revisions;  re¬ 
view  code  written  by  team  mem¬ 
bers.  Aid  in  creating  prototype/ 
test  apps.  Lead  teams  of  Soft¬ 
ware  Developers.  Required: 
Bachelor's  degree  or  foreign 
degree  equivalent  in  Comp.  Sci., 
Computer  Sys.  Engg.  or  closely 
related  field,  plus  2  years  exp.  in 
job  offered  or  as  Programmer/ 
Software  Engr.  Exp.  gained 
before,  during  and  after  degree 
will  be  accepted.  Must  include  1 
yr  of  exp.  using  RUP  methodolo¬ 
gy,  Visual  C++,  Visual  Basic, 
ASP.  Must  be  willing  to  travel  on 
long-  &  short-term  assignments 
to  client  sites  within  U.S.  Send 
resume  to:  Recruiter-Human 
Resources,  Paragon  Solutions, 
3625  Brookside  Pkwy,  Suite  300, 
Alpharetta,  GA  30022.  (No 
Phone  Calls) 

Applications  Support  Analyst 
sought  to  provide  end-user  sup¬ 
port,  resolve  problems  and  track 
resolutions  for  Miami,  FL  office 
of  law  firm  that  utilizes  a  variety 
of  applications.  Also  responsible 
for  providing  backup  support  to 
other  Information  Technology 
staff  as  needed,  to  include  meet¬ 
ing  with  vendors  and  training 
users  on  use  of  software.  Re¬ 
quirements  include  a  Bachelor's 
Degree  (or  equivalent)  in  Com¬ 
puter  Science,  Engineering, 
information  Systems,  or  related 
field  plus  two  years  of  experi¬ 
ence  in  a  Windows  environment 
with  proficiency  in  the  following 
applications:  Windows  XP,  MS 
Office  Suite  and  legal  industry 
applications  such  as  DOCS 
Open,  Carpe  Diem,  Deltaview, 
IPRO,  Concordance  and  E- 
Binder.  Experience  working  in  a 
law  firm  or  corporate  environ¬ 
ment,  in  a  computer  support  ser¬ 
vices  area  on  a  local  area  net¬ 
work  is  preferred.  Competitive 
salary  and  benefits  offered. 
Interested  candidates  should 
send  resume  to:  Administrator 
(Job  Code  1208),  Hunton  & 
Williams  LLP,  1111  Brickell 
Avenue,  Suite  2500,  Miami, 
Florida  33131.  Equal  Opportun¬ 
ity  Employer. 

SYSTEMS  ENGINEER 

Specify,  design,  code  test  and 
maintain  systems  software  used 
by  company  application  in  the 
UNIX  environments  of  Sun  Sol¬ 
aris,  IBM  AIX.  Track  UNIX  tech¬ 
nology  directions  and  ensure 
that  company  products  are  tai¬ 
lored  appropriately  for  the  UNIX 
environment.  C  tree  experience 
and  knowledge  of  UNIX  system 
services:  threads,  daemon  pro¬ 
cesses,  signals  and  client-server 
architectures.  Must  carry  a 
beeper  travel  up  to  50%  of  the 
time.  3  years  of  C  ++  experience 
required.  Bachelor’s  degree  or 
equivalent  in  Computer  Science 
or  related  field.  Five  years  of 
experience  in  job  offered  or 
related  occupation.  40  hours  per 
week,  8:00  a.m.  to  5:00  p.m, 
$72, 542. 88/year.  Must  have 
proof  of  legal  authority  to  work  in 
the  United  States.  Send  your 
resume  to  Madhavi  Bhadbhade, 
Nebraska  Department  of  Labor, 
P.O.  Box  94600,  Lincoln,  NE 
68509.  Refer  to  Job  Order 
TREL5-Y8N75-58428.  This 

advertisement  is  paid  for  by  the 
employer. 

Programmer  Analyst,  Delphi, 
multiple  positions,  to  program, 
analyze,  test,  troubleshoot  and 
develop  Delphi  software  as  a 
front  end  for  use  in  real-time 
muti-tiered  Tibco/DCOM  based 
business  system  applications 
installed  in  a  distributed  client 
server  environment  including 
implementation  in  an  intra/inter- 
net  environment.  May  use  tools 
such  as  MIDAS,  SOAP,  COM/ 
DCOM,  Object  Pascal.  PVCS, 
Visual  Source  Safe,  Rational 
Clear  Case,  TOAD,  DLL,  Visual 
Basic,  Web  Logic  Server  or 
Quick  Reports  as  required  in 
performance  of  duties.  Requires 
Bachelor’s  Degree  n  Computer 
Science,  Computer  Engineering 
or  Computer  Information  Sys¬ 
tems  and  one  year  experience  in 
the  job  offered  position.  Work 
location:  Various  unanticipated 
client  sites.  Send  resumes  only, 
no  calls,  to:  Genome  Inter¬ 
national  Corporation,  583 
D'Onofrio  Drive,  Madison,  Wl 
53719. 

I/O  Software,  Inc.  has  an 
opening  for  a  Business 
Development  Engineer  in 
Riverside,  CA.  Bachelor's 
degree  in  Engineering  or 
related  w/5  yrs  as  Manager/ 
Engineering  support.  Bio¬ 
metrics  security  technology; 
PC  OEM  and  Smart  Card 

security  technology  for  busi¬ 
ness  development  and  sales 
reqd.  Please  send  resume  to: 
jobs@iosoftware.com 

Software  engineers/system  ana¬ 
lyst  wanted  by  Saras  America  to 
design  and  develop  applications 
using  various  skills.  Min  is 
BS/MS  with  exp  in  IT  field. 
Traveling  is  required  for  some 
positions.  We  offer  competitive 
salary  with  full  benefit.  Please 
send  resumes  to  hrOSaras 
America.com.  EOE.  No  calls. 

Emergtech  is  looking  for  IT  pro¬ 
fessionals  to  design  software 
and  computer  systems  to  meet 
project  requirements.  Candi¬ 
dates  must  have  BS/MS  degree 
plus  experience  in  the  computer 
field.  We  are  small  but  stable. 
Travel  maybe  required.  Please 
send  resumes  to  iobfitemera 
techinc.com.  EOF 

IT  Education  &  Training  Directory 

Contact  the  companies  listed  below 
to  help  you  with  your  training  needs! 


IPexpert,  Inc. 

(866)  225-8064 

www.ipexpert.com 

CCIE  (R&S,  SEC,  and  C&S),  CCSP, 

CCNP,  CCNA,  IP  Telephony 


CBT  Nuggets 

(888)  507-6283  &  (541)  284-5522 
www.cbtnuggets.com 
Affordable  training  videos  on  CD 
MCSE,  MCDBA,  MCSD,  CCNA, 
Citrix,  Linux,  A+,  Net  + 
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INFOTECH  CONSULTING,  INC. 

Computer  Programmers, 
Software  Engineers, 
Database  Administrators 
A  multi-million  dollar  consulting 
firm  seeks  well-qualified  technical 
professionals  for  analysis,  design, 
development,  implementation  and 
maintenance  of  software  applica¬ 
tions  in  one  or  more  of  the  follow¬ 
ing: 

•  Java,  EJB,  Severlets,  JSP, 
PL/SQL,  Application  Server,  UNIX 
(Solarix),  HTML  &  JavaScript 

•  C++,  PL/SQL,  Application 
Server(s)  Oracle/IBM/BEA 

•  Microsoft  Technologies 

•  a)  DNA,  COM/DCOM/COM+/MS 

•  b)  DotNET,  C#,  VB.NET, 
ADO.NET,  XML,  assemblies, 
Remoting 

•  c)  XML  with  MS  SQL  Server 

•  d)  Version  Control,  VSS 
Integration,  Configuration 
Management 

•  VB,  ASP 

•  XML  (DOM,  SAP)  DotNET,  Java 
&  C++  Parser 

•  OOPS,  CORBA,  ORDBMS, 
Design  Patterns,  MOM  Concepts 

•  Object  and  Database  Modeling  - 
CASE  Tools  (ERWIN,  Designer, 
CooliGEN)  UML  (Enterprise 
Architect,  Rational  Rose) 

•  SAP,  Peoplesoft  ERP,  ABAP, 
Oracle  Applications  (Financials) 

•  ORACLE  database  Developer, 
Designer,  Actuate  Web  Reporting 

•  UNISYS  Mapper/COBOL, 
PowerBuilder 

•  IBM  Mainframe,  MQSeries  and 
Related  Technologies 

•  DBA-  Oracle,  DB2,  SQL  server 

Computer  Programmers  should 
have  bachelor’s  degree  (or  its 
functional  equivalent)  in  Computer 
Science/quantitative  disciplines  & 
2+yrs  relevant  experience.  Soft¬ 
ware  Engineers  should  have  mas¬ 
ter’s  degree  (or  its  functional  equi¬ 
valent)  in  Computer  Science/quan¬ 
titative  disciplines  &  2+yrs  relevant 
experience  or  bachelor’s  degree 
(or  its  functional  equivalent)  in 
Computer  Science/  quantitative 
disciplines  &  5+yrs  relevant  experi¬ 
ence.  DBAs  should  have  bache¬ 
lor's  or  master’s  degrees  (or  func¬ 
tional  equivalents)  and  2  +  years 
relevant  experience.  Candidates 
must  be  willing  to  travel  &  relocate. 
Send  resume  to:  Recruitment 
CWW,  Infotech  Consulting,  Inc., 
4750  Delbrook  Rd.,  Ste.  201, 
Mechanicsburg,  PA  17050;  Fax: 
717-731-9857;  Email:  hsingh@info 
techpa.com.  Visit  our  website  at 
http://www.infotechpa.com. 


Support  Engineer  -  Must  have 
BS  in  Computer  Science  or 
Engineering.  Must  have  4  years 
of  experience  in  the  job  offered 
or  as  a  Systems  and  Network 
Engineer.  To  maintain  Exchange 
server,  Windows  2000  file/Apps 
servers,  RAS  and  DHCP 
servers;  stage  Windows  2000 
servers,  Oracle  8i/9i  servers, 
VSoft's  product  and  IIS  5.0  for 
web-based  products  and  provide 
remote  client  support  using 
PCanywhere;  maintain  Cisco 
routers,  Switches,  Cisco  3000 
series  VPN  boxes;  maintain  fire¬ 
wall  with  updated  patches  and 
change  rule-sets  as  per  require¬ 
ment;  and  configure  centralized 
Symantec  Systems  Center  to 
download  from  the  web,  push  the 
updates  and  anti-virus  scans  to 
all  the  workstations  in  the  net¬ 
work.  Qualified  candidates  must 
send  resumes  to  VSoft  Corp.,  S. 
Viswanathan,  6455  East  Johns 
Crossing,  Ste.  450,  Duluth,  GA 
30097. 


JUNIOR  PROGRAMMER/ANA¬ 
LYST  to  analyze,  design,  devel¬ 
op,  implement,  and  support  inter¬ 
net/intranet  based  application 
software  using  C,  C++,  Cold  Fus¬ 
ion,  Access,  Java,  SQL  Server, 
HTML,  Oracle,  Java  Script,  and 
XML  under  Windows  operating 
systems.  Require:  B.S.  degree 
in  Computer  Science,  an  Engin¬ 
eering  discipline,  or  a  closely 
related  field  with  one  years  of 
experience  in  the  job  offered  or 
as  a  Programmer.  Extensive 
travel  on  assignments  to  various 
client  sites  within  the  U.S.  is 
required.  Competitive  salary  of¬ 
fered.  Send  resume  to  Pishu 
Harjani,  Focus  Software,  Inc.,  22 
Perimeter  Center  East,  Suite 
2205,  Atlanta,  GA  30346;  Attn: 
Job  PK. 


Programmer  Analyst 
(Micro/Web)  - 
Multiple  Openings 

Structured  systems  analysis, 
design,  development,  testing, 
quality  assurance,  implementa¬ 
tion,  integration,  maintenance 
and  support  of  integrated  client- 
server  based  systems  for  busi¬ 
ness,  financial,  banking,  manu¬ 
facturing  and  other  commercial 
business  application  systems  in 
a  multi-hardware/multi-software 
environment  using  centralized  or 
distributed  relational  database 
management  systems,  4GLs 
(Fourth  Generation  Languages) 
and  other  GUI  (Graphical  User 
Interface)  front-end  tools.  Analy¬ 
sis,  design  and  development  of 
client-server  applications  using 
object-oriented  methodology. 
Bachelor's  Degree  (or  equiva¬ 
lent)  in  Computer  Science-Math/ 
Engineering/Science/Business- 
Commerce  and  1  yr.  experience 
in  job  offered  or  as  Software 
Engineer/Systems  Analyst  are 
required.  Must  have  appropriate 
combination  of  skills  as  follows: 
1  of  A  and  2  of  B;  or  2  of  A  and  1 
of  B;  or  3  of  A.  A  includes  Oracle, 
Sybase,  Informix,  SQL  Server, 
Progress,  Ingres,  Access  and 
Proxy  Server;  and  B  includes 
PowerBuilder,  Visual  Basic,  MS- 
Windows,  Visual  C++,  JAM, 
APT-SQL,  SQL*FORMS,  ESQL/ 
C,  GUPTA  SQL,  Progress  4GL, 
Informix  4GL,  Ingres  4GL,  C, 
Java,  Lotus  Notes,  HTML,  CGI, 
IIS,  ASP,  Front  Page,  Perl  and 
Java  Development  Kit  (JDK); 
High  mobility  preferred.  40  hrs / 
week,  8  am  -  5  pm.  $67,995  - 
$78,000  per  year.  Qualified 
applicants  should  contact  or 
send  resume  to  Mon  Valley 
Regional  CareerLink,  ATTN: 
Actg.  CL  Program  Supervisor, 
Donora  Industrial  Park,  570 
Galiffa  Drive,  Donora,  PA  15033. 
Refer  to  Job  Order  #  WEB 
412581. 


Computer  -  Decru,  Inc.  is  seek¬ 
ing  a  Team  Leader  for  Software 
Cryptography  Engineers  in 
Redwood  City,  CA.  Candidate 
will  direct  team  of  software  cryp¬ 
tography  engineers  to  develop 
and  improve  encryption  devices 
which:  1)  encrypt  data  at  rest;  2) 
are  FIPS  140-2  level  3  certified; 
3)  operate  at  4  GBS  encryption 
speed;  4)  use  smart  cards  for 
device  management  &  security 
enforcement;  5)  operate  trans¬ 
parently;  and  6)  are  reliably  clus¬ 
tered  through  untrusted  network. 
Candidate  will  direct  software 
engineers  who:  1)  improve  per¬ 
formance  of  TCP/IP  stack;  2)  im¬ 
plement  IPSec  protocol;  3)  write 
&  improve  driver  performance 
for  Fibre  Channel  &  SCSI  devic¬ 
es;  4)  write  IPSec  hardware  ac¬ 
celerators  drivers;  5)  incorporate 
TCP/IP  stack  directly  into  soft¬ 
ware;  6)  profile  kernel,  network 
stack  &  storage  access  protocol 
modules;  7)  create  performance 
analysis  of  NFS,  CIFS  and  Fibre 
Channel  systems,  with  and  w/o 
these  devices,  to  improve  their 
performance;  8)  reorganize  me¬ 
mory  mgmt.  schemes  to  obtain 
zero  copy  for  data  being  pro¬ 
cessed;  9)  eliminate  race  condi¬ 
tions  w/o  affecting  performance; 

10)  perform  security  review  & 
correct  vulnerability  of  modules; 

11)  track  CERT  security  advisor¬ 
ies  to  ensure  compliance;  12) 
architect,  develop  &  test  auto¬ 
mated  build  systems  to  automat¬ 
ically  build  firmware  releases 
using  Java,  C  and  assembly  lan¬ 
guages.  Please  email  resumes 
to  talent@decru.com. 


Charter  Global,  Inc.  has  open¬ 
ings  for  Programmers,  Soft¬ 
ware  Consultants,  Programmer 
Analysts,  DBA's,  Systems 
Analysts,  Software  Engineers 
and  Engineering  Programmers 
Bachelor's  or  Master's  degree 
(or  foreign  equiv)  plus  1  -  2  yrs 
exp  req'd  depending  upon  posi¬ 
tion.  For  some  positions,  we 
also  accept  degree  equiv.  in 
educ.  &  experience.  Travel 
and/or  relocation  required. 
Send  resume  &  salary  req.  to 
Charter  Global,  Inc,  HR  5445 
Triangle  Parkway,  Ste  190, 
Norcross,  GA  30092. 


SOFTWARE  ENGINEER  to  de¬ 
sign,  develop,  debug  and  test 
data  porting  application  soft¬ 
ware,  and  configure  computers 
for  optimal  performance  using 
Win  2003  Server,  IIS,  .NET  tech¬ 
nologies,  C#, Visual  Studio.NET, 
Web  Services,  Web  Forms,  Win 
Forms,  ASP.NET,  Java  Script, 
VB  Script,  HTML,  Oracle  Forms/ 
Reports  (Oracle  Developer), 
Oracle,  SQL  Server,  SQL  Server 
Enterprise  Manager,  Query  Ana¬ 
lyzer  and  Profiler,  COM/DCOM, 
ODBC  OLEDB,  ADO,  ADO.NET, 
XML/XSLT  and  SOAP  under 
Windows,  MAC,  Sun  Solaris  and 
AIX  operating  systems;  Respon¬ 
sible  for  benchmark  product 
quality  and  performance;  Devel¬ 
op  and  automate  performance 
testing  tools  using  C#,  SQL, 
TSQL,  Stored  Procedures,  Fun¬ 
ctions  and  Triggers  on  high-end 
computer  hardware.  Require: 
Master’s  degree  in  Computer 
Science,  an  Engineering  disci¬ 
pline,  Electronics,  or  a  closely 
related  field  with  2  yrs  of  exp  in 
the  job  offered  or  as  a  Software 
Test  Engineer  or  Systems  Ana¬ 
lyst.  Extensive  travel  on  assign¬ 
ment  to  various  client  sites  with¬ 
in  the  U.S.  is  required.  Competi¬ 
tive  salary  offered.  Send  resume 
to:  Krishna  Mupparaju,  Data 
Matrix  Associates,  Inc.,  102 
Furlong  Court,  Frankfort,  KY 
40601  Attn:  Job  BK. 


Applications  Development  Ana¬ 
lyst  -  Analyzes  systems  require¬ 
ments  &  corrects  systems  errors. 
Design  software  &  determine  sol¬ 
utions  based  on  requirements. 
Code,  test  &  execute  test  pro¬ 
grams.  Document  programs  in 
specialized  languages.  Requires 
Bachelor’s  degree  in  Computer 
Science,  Computer  Engineering, 
Engineering,  Information  Sys¬ 
tems  or  related  plus  1  year  of 
experience  in  the  job  offered  or  1 
year  of  experience  in  C/C++  pro¬ 
gramming.  Employer  will  accept 
the  1-year  experience  in  C/C++ 
programming  gained  before  or 
after  the  bachelor’s  degree.  Must 
also  have  knowledge  (3  credit 
hours)  of  at  least  one  of  the  fol¬ 
lowing:  Java,  RDBMS,  SQL, 
Unix  or  Visual  Basic.  Salary: 
$51,861.96  40hours/week, 
8:00am-5:00pm,  Job  location: 
Lexington,  KY.  Only  persons 
with  authorization  to  work  perma¬ 
nently  in  the  U.S.  need  to  apply. 
Must  submit  resume  to:  Ginny 
Burton  #3563,  Department  for 
Employment  Services,  275  E. 
Main  Street  2-WA,  Frankfort, 
Kentucky  40621.  EQUAL  OP¬ 
PORTUNITY  EMPLOYER. 


Project  Manager,  PeopleSoft 
Practice  -  Manage  &  supervise 
PS  HRMS  projects.  Lead  bus. 
analysis  of  org  structure,  info 
sharing  between  depts,  program 
integration,  interdepartmental 
communication  &  internal  policy 
development.  Facilitate  client 
communication.  Manage  &  sup¬ 
ervise  prog,  analysts  in  design, 
development  &  implementation 
of  projects.  Will  accept  Bach¬ 
elor's  degree  or  foreign  equiv  or 
equiv  combination  edu  &  exp. 
Must  have  1  yr  exp  as  project 
mngr  using  PS  HRMS  &  1  yr  exp 
as  HR  mngr.  $75,365/yr  40  hrs / 
wk  EEO/AAP/M/F/V/H  Submit 
resumes  to  Fayette  County 
CareerLink  ATTN:  CareerLink 
Program  Supervisor,  135 
Waylan  Smith  Dr,  Uniontown, 
PA  15401  Job  Order  No 
WEB411822. 


Colonial  Life  &  Accident  Insur¬ 
ance  Company  has  an  excellent 
opportunity  for  a  Systems  Mana¬ 
ger  III.  Req.  minimum  of  a  BA/ 
BS  in  Comp.  Sci.,  Engg,  Math, 
Statistics,  or  IT  &  7  yrs.  exp.  in 
data  warehouse  mgmt.  consult¬ 
ing  &  implementation.  Exp.  must 
involve  work  w /  data  warehouse 
s/ware  technologies  incl.  Micro¬ 
strategy,  Assential,  GROUP1  & 
SAS.  Send  resumes  &  cover 
Itrs.  to  HR  Department,  Colonial 
Life  &  Accident  Insurance  Co., 
1200  Colonial  Life  Blvd.,  Mail 
Stop  SCI 35,  Columbia,  SC 
29210.  EOE.  Colonial  Supple¬ 
mental  Insurance  is  the  market¬ 
ing  brand  of  Colonial  Life  & 
Accident  Insurance  Company. 


i 


Data-Core  Group,  Inc.  has  im¬ 
mediate,  opportunities  for  expe¬ 
rienced  Programmers,  Program¬ 
mer  Analysts,  Systems  Analysts, 
Database  Designers,  and  Soft¬ 
ware  Engineers  with  a  Bachel¬ 
or's  degree  and  one  year  of  ex¬ 
perience  in  three  or  more  of  the 
following:  PowerBuilder,  Visual 
Basic,  SQL  &  RDBMS  Oracle 
7.1  or  later,  Crystal  Reports, 
Rational  Rose,  IBM  mainframe 
environ.,  MVS,  COBOL,  Java¬ 
Script,  HTML,  DHTML,  C++, 
Visual  C++,  Sybase,  IIS,  ASP, 
Java,  LAN  &  WAN  networking, 
SNMP,  Frame  Relay,  UNIX, 
Socket  Interface,  Network  Node 
Manager,  TCP/IP,  Open  View, 
Shell  scripting,  Oracle  SQL, 
Configuration  Management 
Software.  We  also  accept  the 
foreign  edu.  equiv.  of  the 
degree.  All  positions  require  fre¬ 
quent  travel  and  relocation 
throughout  the  U.S.  Send 
resume  to  3700  Science  Center, 
Ste.  203,  Philadelphia,  PA 
19104.  Visit  our  website  at 
www.datacoresvstems.com. 


Millennium  Software,  Inc.  has 
opportunities:  Programmers,  Sy¬ 
stems  Analysts,  Software  Engin¬ 
eers,  Consultants,  DBAs,  Archi¬ 
tects  and  Project  Managers  with 
4  or  more  skills  in  following  envi¬ 
ronments:  Java,  EJB,  Shell 
Scripts,  SAS,  PLC,  Textra,  XML, 
SQL,  mqPCX,  PowerBuilder,  Ra¬ 
tional  Rose,  Relational  Databas¬ 
es,  Perl,  SAP,  Primavera  Team 
Play  /  P3e,  Teradata,  MQ-Series, 
IMS,  Adabase,  Natural,  Web¬ 
sphere,  Oracle  Workflow,  Filenet 
eprocess,  Fioware  Workflow  en¬ 
gine,  C/C++,  HTML,  VisualBasic, 
COBOL,  DCEDFS,  AutoCAD, 
Six-Sigma,  ASP.net.  B.  S.  or 
M.S.  degree  reqd.  We  also 
accept  the  foreign  edu.  equiv.  of 
the  degree,  or  the  degree  equiv. 
in  edu  and  exp.  Frequent  travel 
and  relocation.  Send  confidential 
resume  and  salary  requirements 
to:  2000  Town  Center,  Ste  300, 
Southfield,  Ml  48075.  Visit  our 
website  at  www.webmsi.com. 


Database/Oracle  Developer  to 
Analyze,  design,  and  develop 
Oracle  Applications  based  on 
technical  requirements  and  vari¬ 
ous  specifications.  Utilize  VISTA 
application  for  publishing  com¬ 
panies.  Utilize  Oracle  8i,  Oracle 
9iAS  version  1.0.2.x,  PL/SQL, 
SQL  Loader,  Oracle  Forms  & 
Reports  6i  deployed  on  the  web 
using  Jinitiator  and  JavaBeans 
incorporated  in  Forms,  TOAD, 
Forms  &  Reports  Server,  Jiniti¬ 
ator  1.3x,  SQL  Loader,  Data 
Warehouse  concepts,  DBA  Fun¬ 
ctions,  Support  DBA  Role.  Bach¬ 
elors  Degree  in  information  Sys¬ 
tems  or  Computer  Science  or 
equivalent  and  five  years  experi¬ 
ence.  Send  resume  to:  Aspen 
Publishers,  a  Division  of  Wolters 
Kluwer,  2700  Lake  Cook  Road, 
Riverwoods,  IL  60015;  by  e-mail 
to:hrfred@asoenpublishers.com 


Full-Time  TSG  Specialist:  Use 
database  management  &  pro¬ 
gramming  in  Oracle,  MS  SQL, 
Cold  Fusion,  ASP,  Visual  Basic, 
C++,  .Net,  PL/SQL  &  Access. 
Salary  competitive.  Must  have 
Bachelor's  degree  in  Manage¬ 
ment  Information  Systems  or 
related  field.  Employer  will 
accept  Master's  degree  in  lieu  of 
Bachelor's.  Educational  back¬ 
ground  must  have  included 
above  listed  computer  skills. 
Send  resume  to  Ms.  Vogelien, 
HR,  UPS,  1600  Cottonwood  St., 
Charlotte,  NC  28206. 
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Datacenter 


knowing  the  stuff  is  going  to  be 
reliable,”  said  Jeremy  Lehman, 
a  senior  vice  president  in 
charge  of  the  technology  group 
at  New  York-based  Thomson 
Financial,  a  customer  since  last 
October.  “The  beauty  of 
Unisys  is  that  their  whole  cul¬ 
ture  is  about  big  systems  that 
can’t  go  down.” 

But  the  early  editions  of 
ES7000s  running  Datacenter 
could  be  pushed  to  their  lim¬ 
its,  as  First  American  Title  In¬ 
surance  Co.  discovered.  The 
Santa  Ana,  Calif.-based  insur¬ 
er  found  its  ES7000s  “running 
out  of  gas”  during  peak  times, 
especially  as  West  Coast  em¬ 
ployees  logged  on  and  joined 
colleagues  nationwide  in  ac¬ 
cessing  the  company’s  mis¬ 
sion-critical  title  and  escrow 
system,  said  CIO  Larry  Godec. 
About  11,000  users  rely  on  the 
homegrown  First  American 
Software  Technology  (FAST) 
Transaction  System. 

“We  really  needed  more 
horsepower,”  Godec  noted. 

The  Contest  Begins 

Godec  said  he  was  anxious  to 
try  out  Intel  Corp.’s  64-bit 
Itanium  chips  with  the  FAST 
application  and  64-bit  SQL 
Server  because  of  the  perfor¬ 
mance  gains  he  thought  First 
American  could  get.  Last  De¬ 
cember,  First  American 
benchmarked  a  32 -way  Hew¬ 
lett-Packard  Co.  Superdome 
running  64-bit  Itanium  chips 
against  three  different 
ES7000s:  a  32-way  box  with 
900-MHz  Intel  Xeon  proces¬ 
sors,  a  32-way  box  with  2.8- 
GHz  Xeon  processors  and  a 
1.5-GHz  16-way  Itanium  box. 

“If  Unisys  had  a  32 -way  box 
[running  64-bit  Itanium]  and 
performed  better  than  the  HP 
box  and  was  shown  to  be  sta¬ 
ble,  it  would  have  come  down 
to  price,”  Godec  said.  “It’s  not 
that  we  were  trying  to  throw 
Unisys  out  for  any  reason.” 

To  no  one’s  surprise,  the  32- 


way  HP  box  running 
Itanium  “blew  away” 
the  16-way  Unisys 
box  equipped  with 
Itanium,  Godec  said. 

So  First  American 
soon  began  moving 
to  new  HP  hardware 
and  Windows  Serv¬ 
er  2003  Datacenter. 

The  switch  didn’t 
happen  without  a 
few  bumps,  including 
error  handling  prob¬ 
lems  with  the  Itanium  chip, 
Godec  noted.  But  now  that  all 
the  kinks  have  been  worked 
out,  First  American  can  focus 
on  enhancing  its  FAST  appli¬ 
cation  rather  than  fretting  over 
performance,  he  said.  The  com¬ 
pany  repurposed  its  ES7000s 
for  its  data  warehouse. 

Another  early  ES7000/Data- 
center  adopter,  an  internation¬ 
al  cosmetics  manufacturer, 
chose  a  different  approach. 

The  company  wants  out  of  the 
Datacenter  program  entirely, 
according  to  the  database  man¬ 
ager,  who  asked  that  he  and  his 


company  not  be 
identified. 

He  said  the  Data¬ 
center  reseller  pro¬ 
gram  has  been  too  re¬ 
strictive.  Because  the 
cosmetics  company 
opted  for  a  storage 
product  that  wasn’t 
one  of  the  certified 
configurations  for 
the  ES7000/Datacen- 
ter  system,  it  found  it 
would  have  to  pay  to 
get  its  configuration  certified, 
according  to  the  database  man¬ 
ager.  He  said  he  prefers  more 
choice  for  external  products. 

The  cosmetics  company  has 
no  plans  to  abandon  Win¬ 
dows,  and  Unisys  remains  in 
the  running.  But  it’s  testing  its 
massive  SQL  Server  2000 
databases  on  the  64-bit  Enter¬ 
prise  Edition  of  Windows 
Server  2003  running  on  Uni¬ 
sys,  HP  and  IBM  hardware 
with  64-bit  Itanium  proces¬ 
sors,  according  to  the  database 
manager.  He  said  his  research 
indicates  that  1.5-GHz  Itanium 


processors  will  be  faster  than 
3-GHz  32-bit  processors. 

The  cosmetics  company  is 
testing  a  cluster  of  two  eight¬ 
way  64-bit  servers  running 
SQL  Server,  rather  than  the 
two  16-way  32 -bit  ES7000s  it 
currently  uses.  The  database 
manager  added  that  if  all 
works  well,  he  hopes  to  be  able 
to  replace  the  two  ES7000s 
leased  at  a  total  cost  of 
$800,000  with  six  smaller 
servers  leased  for  $280,000  — 
and  improve  performance  to 
boot.  An  end-to-end  process 
that  took  four  hours  to  com¬ 
plete  in  the  32-bit  world  is 
now  done  in  40  minutes  with 
64-bit  chips,  he  said. 

Lehman  said  he  has  “played 
that  game”  of  trying  to  come 
up  with  less  expensive  config¬ 
urations  that  can  boost  perfor¬ 
mance.  But  he  said  configur¬ 
ing  and  managing  the  boxes 
requires  significant  IT  effort, 
and  he  prefers  that  his  devel¬ 
opers  focus  on  building  new 
products  for  Thomson. 

Tom  Bittman,  an  analyst  at 


Gartner  Inc.,  said  that  al¬ 
though  Windows  Datacenter 
sales  are  growing,  it’s  still  at  a 
slow  rate.  In  contrast,  Enter¬ 
prise  Edition  is  a  much  high¬ 
er-volume  product  with  a 
faster  rate  of  growth,  he  said. 

Yet  it’s  no  longer  difficult  to 
find  users  who  are  happy  to 
talk  about  their  current 
Unisys/Datacenter  systems. 
Gary  Clark,  director  of  corpo¬ 
rate  IT  services  at  La-Z-Boy 
Inc.  in  Monroe,  Mich.,  said  his 
company  installed  its  first 
ES7000  in  December  2000  for 
server  consolidation  purposes 
and  has  since  added  two  more 
boxes  to  run  its  new  People- 
Soft  ERP  system. 

“Right  now,  without  ques¬ 
tion,  we’re  sticking  with  the 
Datacenter  program,”  said 
Clark.  “I  don’t  want  to  deal 
with  multiple  vendors  relative 
to  how  I  get  my  support  for 
my  mixed  environment. . . .  It’s 
a  premium  price,  but  we’ve 
found  time  and  again  that  it 
has  come  through  for  us.” 
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WebSphere  Tools  Upgraded 
To  Ease  Java  Development 


But  improvements 
may  not  help  Java 
novices,  analysts  say 

BY  CAROL  SLIWA 

IBM  tomorrow  plans  to  an¬ 
nounce  an  upgrade  to  its  Web¬ 
Sphere  Studio  tools  line  that’s 
intended  to  ease  development 
in  a  Java  environment. 

The  primary  addition  to 
WebSphere  Studio  Version 
5.1.2  is  support  for  the  recently 
finalized  JavaServer  Faces  stan¬ 
dard,  which  simplifies  the 
building  of  rich  user  interfaces. 

WebSphere  Studio  also  sup¬ 
ports  an  early  version  of  Ser¬ 
vice  Data  Objects  (SDO), 
which  provides  a  unified  pro¬ 
gramming  model  for  accessing 
data  from  heterogeneous  sys¬ 
tems,  including  XML-based 


data  sources  and  Web  services. 
SDO  has  yet  to  be  finalized  by 
the  Java  Community  Process  es¬ 
tablished  by  Sun  Microsystems 
Inc.  to  evolve  Java  technology. 

Site  Developer  and  Applica¬ 
tion  Developer  editions  of 
WebSphere  Studio  also  add 
support  for  a  modernized  edi¬ 
tion  of  IBM’s  Enterprise  Gen¬ 
eration  Language  (EGL), 
which  IBM  said  it  expects  will 
be  especially  helpful  to  Cobol 
and  Informix  4GL  users.  Lee 
Nackman,  vice  president  of 
desktop  development  tools 
and  chief  technology  officer  of 
IBM’s  Rational  Software  divi¬ 
sion,  said  EGL  is  aimed  at  pro¬ 
grammers  who  don’t  want  to 
get  involved  in  object-oriented 
programming  and  inheritance. 

IBM’s  WebSphere  Studio 
upgrade  marks  the  latest  in  a 


series  of  announcements  fo¬ 
cused  on  the  theme  of  easing 
Java  development.  But  as  with 
some  other  vendors’  new  re¬ 
leases,  analysts  questioned 
how  much  the  improvements 
will  really  help  developers 
who  are  unfamiliar  with  Java. 

Thomas  Murphy,  an  analyst 
at  Stamford,  Conn.-based 
Meta  Group  Inc.,  said  Web¬ 
Sphere  Studio  5.1.2  reduces 
some  of  the  barriers  to  devel¬ 
oping  basic  Java  and  database 
Web  applications.  But  he  said 
he  thinks  it  will  be  most  ap¬ 
pealing  to  those  who  already 
use  Java.  He  said  WebSphere 
Studio  remains  “packed,”  as 
opposed  to  the  slimmed-down 
user  interface  found  in  Sun’s 
upcoming  Java  Studio  Creator. 

Mark  Driver,  an  analyst  at 
Stamford,  Conn.-based  Gartner 
Inc.,  said  WebSphere  Studio 
still  doesn’t  approach  the  ease 
of  use  of  tools  such  as  BEA 
Systems  Inc.’s  WebLogic  Work¬ 
shop.  He  added  that  he  doesn’t 


The  new  version  supports: 

i  JavaServer  Faces 
Service  Data  Objects 


Enterprise  Generation 
Language 

Portal  development 


think  Visual  Basic  or  Power¬ 
Builder  programmers  will  use 
EGL,  and  he  predicted  that 
they  will  continue  to  struggle 
with  Java  overall.  “EGL  will  al¬ 
low  Cobol  programmers  to  be 
productive  in  Java,  but  I  don’t 
see  a  lot  of  demand  for  it  be¬ 
yond  that,”  Driver  said. 

WebSphere  Studio  Appli¬ 
cation  Developer  and  Site  De¬ 
veloper  5.1.2  are  due  in  mid- 
May,  and  enterprise  and  inte¬ 
gration  editions  will  follow 
later.  O  46570 
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Shameless 

IT’S  YOUR  FAULT.  Yeah  you,  Mr.  or  Ms.  Corporate  IT  Person. 
Microsoft  says  it’s  your  fault,  and  the  fault  of  your  users,  that 
there  are  so  many  security  problems  with  Microsoft  software. 
Oh,  sure,  there  are  security  holes  in  Microsoft  products.  But 
Microsoft  does  patch  them  —  eventually.  And  unless  corpo¬ 
rate  IT  does  a  better  job  of  promptly  applying  those  patches,  as  well 
as  training  users  in  safe  computing  practices  —  well,  there’s  only  so 
much  Microsoft  can  do. 

Yes,  at  Microsoft  irony  is  dead.  And  so,  apparently,  is  shame. 


See,  last  week  a  high-level  Microsoft  manager 
named  Jonathan  Perera  was  making  the  it’s- 
your-fault-too  pitch  at  the  Infosecurity  Europe 
conference  in  London.  At  exactly  the  same 
time,  security  companies  were  reporting  a  new 
round  of  attacks  on  Microsoft  products,  includ¬ 
ing  IIS  and  Exchange  Server,  based  on  yet  an¬ 
other  Microsoft  buffer  overflow  vulnerability. 

Microsoft  had  issued  a  patch  for  that  security 
hole  just  two  weeks  earlier.  But  the  hole  is  in 
every  version  of  Windows  NT  and  XP  Pro  that 
has  shipped  since  Windows  NT  4.0  in  1996. 

In  other  words,  it  took  Microsoft  almost  eight 
years  to  find  and  fix  this  hole  —  a  hole  that  ex¬ 
ists  only  because  of  Microsoft  product  develop¬ 
ment  policies  that  in  another  profession  would 
be  called  malpractice.  But  now  we’re  told  it’s 
corporate  IT’s  fault  too,  because  in  two  weeks 
we  haven’t  patched  the  12.5  million  servers  and 
200  million  client  PCs  affected.  (That’s  the  cur¬ 
rent  Windows  NT,  Server  and  XP  Professional 
installed  base,  according  to  IDC.) 

Why  haven’t  we  patched  them?  Everybody 
knows  the  answer:  because  of  the  cost.  There’s 
such  a  continuous  stream  of  patches  from  Mi¬ 
crosoft  that  we  can’t  afford  to  apply  every  patch 
immediately. 

Why  doesn’t  Microsoft  get  it  right 
the  first  time  —  or  the  second  time, 
or  the  third  —  so  all  those  patches 
won’t  be  necessary?  Remember,  this 
most  recent  security  hole  has  sur¬ 
vived  code  reviews  for  several  gen¬ 
erations  of  Microsoft  products,  in¬ 
cluding  the  supposedly  improved 
security  vetting  Microsoft  has  put 
in  place  since  the  start  of  its  Trusted 
Computing  initiative. 

The  answer  is  the  same:  the  cost. 

A  buffer  overrun  isn’t  a  subtle  bug, 
and  it’s  not  hard  to  spot  —  if  you’re 
looking.  But  Microsoft  doesn’t  want 


to  spend  the  money  to  carefully  examine  every 
line  of  code  before  it  ships.  That  would  just  be 
too  expensive. 

Microsoft  would  rather  wait  until  hundreds 
of  millions  of  copies  are  in  use  —  so  we’re  the 
ones  who  pay  for  applying  those  patches. 

Of  course,  customers  will  foot  the  bill  in 
either  case.  If  the  code  is  fixed  before  it  ships, 
we  pay  in  higher  prices.  If  it’s  fixed  after  it 
ships,  we  have  the  cost  of  patching. 

But  how  much  is  it?  Let’s  say  it  costs  $80  for 
the  average  IT  shop  to  apply  this  most  recent 
patch  to  each  affected  Windows  server.  That  in¬ 
cludes  all  the  costs  of  testing,  resolving  con¬ 
flicts  and  deploying  —  in  other  words,  $80  is  a 
spectacularly  lowball  estimate. 

But  it  still  means  a  total  cost  to  corporate  IT 
of  $1  billion. 

And  that’s  just  for  the  servers.  You  want  to 
patch  all  the  NT  Workstation  and  XP  Pro  PCs? 
Even  at  an  average  cost  of  $5  each  —  another 
lowball  estimate  —  that’s  another  $1  billion. 

Think  Microsoft’s  programmers  could’ve 
found  this  bug  before  shipping  the  software  for 
a  lot  less  than  $2  billion?  Betcha  they  could  have. 

Then  we’d  have  at  least  one  less  security 
problem  to  deal  with.  And  we  could  be  apply¬ 
ing  our  security  resources  to  edu¬ 
cating  users  in  safe  computing  — 
like  Microsoft  says  we  should  be 
doing  —  instead  of  spending  them 
furiously  applying  one  billion- 
dollar  patch  after  another.  Patches 
that  would  be  unnecessary  if  Mi¬ 
crosoft’s  “it’s  your  fault  too”  man¬ 
agement  had  decided  to  get  the 
code  right  before  it  shipped. 

Which  would  also  have  fixed 
the  problems  at  a  much  lower 
overall  cost. 

Pretty  ironic,  huh? 

Or  maybe  just  shameful.  ©  46535 


frank  hayes,  Computer- 
world's  senior  news  colum 
nist,  has  covered  IT  for  more 
than  20  years.  Contact  him  at 
frank.hayes@computerworld.com. 


But  Such  a  Deal! 

It’s  the  early  1990s,  and  this  developer  pilot  fish 
needs  to  make  sure  the  communications  software 
he's  working  on  will  function  with  most  commonly 
used  modems.  “We  prepared  a  list  of  the  top  dozen 
brands  and  sent  the  request  to  the  corporate  IT  pur¬ 
chasing  department,”  fish  says.  “A  few  weeks  later, 
we  received  12  identical  modems.  When  we  asked 
why,  Purchasing  proudly  replied,  ‘We  were  able  to 
save  more  than  $100  over  your  original  request  by 
getting  a  volume  discount  on  the  same  model!’  ” 

Lockdown 

Senior  program¬ 
mer  writes  the  t  A  III/ 
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SHARK 


code  to  lock 
users  out  of  a 
custom  accounting  ap¬ 
plication  after  three 
failed  log-in  tries.  It  goes 
live,  a  user  gets  locked 
out  -  and  the  help  desk 
learns  there’s  no  way 
to  unlock  an  account. 
“There  is  no  unlock  utili¬ 
ty,  because  the  program¬ 
mer  wasn’t  asked  to  cre¬ 
ate  one,”  sighs  pilot  fish 
who  watched  it  all.  “The 
programmer  has  to  go 
into  a  table  and  delete 
one  of  the  unsuccessful 
attempt  entries.” 

That’s  How  Hard 

The  shipping  guy  is  on 
vacation,  and  an  exec 
needs  a  new  PC  right 
away.  How  hard  can 
shipping  a  PC  be?  “I  put 
the  computer  in  an  emp¬ 
ty  box  and  fill  it  with  the 
first  thing  I  find:  Styro¬ 
foam  peanuts,”  says  this 
pilot  fish.  The  box  is 
transported  to  the  exec’s 
office,  and  fish  opens  it. 
“All  of  a  sudden,  thanks 
to  static  electricity,  it’s 
like  Christmas.  Styro¬ 
foam  peanuts  explode 
into  the  air  and  attach 
themselves  to  everything 
-  the  computer,  furni¬ 
ture,  walls,  the  executive 
and  the  secretary.  It 
would  have  been  awk¬ 


ward  except 
that  all  three  of 
us  were  laugh¬ 
ing  so  hard.” 


Time  Saver 

This  bank  employee 
sends  and  receives  lots 
of  faxes  every  day,  so  an 
IT  pilot  fish  is  asked  to 
install  a  fax  machine 
next  to  his  desk.  But  an 
hour  after  he  gets  it  up 
and  running,  fish  spots 
the  employee  waiting  in 
line  at  the  old  fax  ma¬ 
chine.  Isn’t  the  new 
machine  working?  fish 
asks  him.  “I  didn’t  try 
it,”  employee  admits. 

“It  doesn’t  have  all  the 
speed  dials  loaded,  and 
I  didn't  want  to  waste 
time  typing  in  the  phone 
number.” 

R6sum£  Truth 

This  town’s  new  chief 
administrative  officer 
claims  in  his  r6sum6  that 
as  city  manager  in  a 
smaller  town,  he  man¬ 
aged  his  community’s  IT 
efforts.  Funny  thing, 
says  a  pilot  fish  who’s 
skeptical  about  the  new 
boss:  “So  did  his  deputy 
city  manager,  who  also 
works  for  us  now.  IT 
must  have  required  mas¬ 
sive  intervention  there, 
as  it  was  outsourced. 

I  guess  those  pesky 
consultants  need  a  firm 
hand.” 


OT0SS  ME  SOME  CHUM:  sharky@computerworld.com 

You  score  a  stylish  Shark  shirt  if  I  tell  your  true  tale  of 
IT  life.  And  don’t  forget  to  check  out  the  daily  feed,  browse 
the  Sharkives  and  sign  up  for  Shark  Tank  home  delivery  at 

computerworld.com/sharky. 


Up  with  capacity.  Down  with  complexity.  HP  StorageWorks 
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Enterprise  Virtual  Array  combines  disk-array  storage  with 
the  ability  to  pool  resources,  making  it  easy  to  oversee  and 
control  vast  amounts  of  information.  Virtualization  ensures 
capacity  is  dynamically  expanded,  giving  you  the  most 
efficient  use  of  space  without  disrupting  service 
Now  information  has  room  to  breathe,  and 
your  business  has  room  to  change 


invent 


MLB.com  knows  the  power  of  SAS®  software... 


How  does  MLB.com M  give  fans 
the  ultimate  baseball  experience? 


Allan  H.  “Bud”  Selig,  Commissioner  of  Major  League  Baseball 


ENTERPRISE  INTELLIGENCE 

SUPPLIER  INTELLIGENCE 

ORGANIZATIONAL  INTELLIGENCE 

CUSTOMER  INTELLIGENCE 

INTELLIGENCE  PLATFORM 


Millions  of  fans.  Thirty  teams.  One  passion.  And  24/7  access  to  it  all  through  MLB.com.  At  the  official  site 
of  Major  League  Baseball,  fans  can  experience  baseball  in  a  whole  new  way  -  from  live  ballgames  to  stats 
in  real  time,  from  history  to  fantasy,  across  the  league  or  by  connecting  to  individual  club  sites.  MLB.com  is 
the  richest,  deepest  source  of  original  baseball  news  and  highlights  on  the  Internet.  SAS  is  proud  to  provide 
the  state-of-the-art  data  management,  predictive  analytics  and  marketing  automation  software  that’s  helping 
Major  League  Baseball  enrich  the  interactive  experience  for  the  hundreds  of  millions  of  visitors  who  make 
MLB.com  such  a  big  hit.  To  find  out  more  about  SAS,  visit  our  Web  site  or  call  toll  free  1  866  887  1363. 

www.sas.com/mlb 
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